rkhunter
http://www.rootkit.nl/
http://japan.linux.com/security/04/04/11/1158228.shtml
download:
# wget http://downloads.rootkit.nl/rkhunter-.tar.gz
Note: It doesn't matter where you save the tarballextract:
# tar zxf rkhunter-.tar.gz installation:
# cd rkhunter
# ./installer.shRootkit Hunter 1.1.3, Copyright 2003-2004, Michael Boelen
Rootkit Hunter comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to redistribute it under the terms of the GNU General
Public License. See LICENSE for details.
Valid parameters:
--checkall (-c) : Check system
--createlogfile* : Create logfile
--cronjob : Run as cronjob (removes colored layout)
--help (-h) : Show this help
--nocolors* : Don't use colors for output
--report-mode* : Don't show uninteresting information for reports
--skip-keypress* : Don't wait after every test (non-interactive)
--quick* : Perform quick scan (instead of full scan)
--quiet* : Be quiet (only show warnings)
--version : Show version and quit
--versioncheck : Check for latest version--bindir
* : Use instead of using default binaries
--configfile* : Use different configuration file
--dbdir* : Use as database directory --rootdir * : Use instead of / (slash at end) --tmpdir * : Use as temporary directory Explicit scan options: --disable-md5-check* : Disable MD5 checks --disable-passwd-check* : Disable passwd/group checks --scan-knownbad-files* : Perform besides 'known good' check a 'known bad' check Multiple parameters are allowed *) Parame ter can only be used with other parameters
