chkrootkit: shell script that checks system binaries for rootkit modification.


The following tests are made:
aliens asp bindshell lkm rexedcs sniffer wted w55808 scalper slapper z2 amd basename biff chfn chsh cron date du dirname echo egrep env find fingerd gpm grep hdparm su ifconfig inetd inetdconf init identd killall ldsopreload login ls lsof mail mingetty netstat named passwd pidof pop2 pop3 ps pstree rpcinfo rlogind rshd slogin sendmail sshd syslogd tar tcpd tcpdump top telnetd timed traceroute vdir w write

1. Login to your server as root. (SSH)

2. Down load the chkrootkit.
Type: wget

3. Unpack the chkrootkit you just downloaded.
Type: tar xvzf chkrootkit.tar.gz

4. Change to new directory

Type: cd chkrootkit*

5. Compile chkrootkit
Type: make sense

6. Run chkrootkit
Type: ./chkrootkit

If it says “Checking `bindshell’… INFECTED (PORTS: 465)”

This is normal and it is NOT really a virus.

Facebook Comments

More Stuff

Capitol Hill & the i2C On February 27th, I will be joining fellow Internet Infrastructure Coalition (i2C) board members for a day to meet with various Congress and media out...
How to Fix ERR_TOO_MANY_REDIRECTS on Your WordPress Site We come across a lot of different errors here at Kinsta, and ERR_TOO_MANY_REDIRECTS (also known as a redirect loop) is one we see on a regular basis. ...
Check Debian/Ubuntu Linux package version using apt-get/aptitude c... I am a new Debian / Ubuntu Linux sysadmin. I would like to find out what version I would install if I ran the apt-get command. How do I find out whic...
How Women Can Enter the Blockchain Industry Without a Technical Ba... By Flora Qu Anthurine Xiang (center) and team. More and more people are asking questions on Quora regarding how to enter the blockchain field, and s...
Spread the love

Posted by News Monkey