Rootkit Hunter [chkrootkit]


chkrootkit is a tool to locally check for signs of a rootkit.

project page

http://www.chkrootkit.org

installation step 0 (probably no required)

apt-get update && \
apt-get -y upgrade && \
apt-get install -y net-tools && \
apt-get install -y ssh && \
apt-get install -y build-essential && \
apt-get install -y wget

instalation step 1

wget -c ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz && \
wget -c ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.md5 && \
md5sum -c chkrootkit.md5 && \
tar xzvf chkrootkit.tar.gz && \
cd chkrootkit* && \
make sense && \
ln -s $(pwd)/chkrootkit /usr/bin/chkrootkit

chkrootkit help

sudo chkrootkit -h

chkrootkit run

sudo chkrootkit

chkrootkit run

sudo chkrootkit -r /home