"Rootcheck is an open source rootkit detection software. It scans the whole system looking for known rootkits and also for the presence of unknown rootkits and kernel level ones using anomaly detection. Rootcheck is also integrated with the OSSEC HIDS, providing a powerful host-based IDS solution. It includes log analysis, file integrity change detection and rootkit detection (all in one simple to use package). "
Download the rootcheck source, install it and run it:
# wget http://www.ossec.net/rootcheck/files/rootcheck-0.7.tar.gz
# tar -xvzf rootcheck-0.7.tar.gz
# cd rootcheck-0.7
# ./install
# ./rootcheck.pl
It should be fine.