Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 28 Nov 2014, 23:59
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Rootkit Hunter
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [7 Posts]  
Author Message
aragon

Joined: 15 Oct 2007
Posts: 1698
Location: Germany

PostPosted: Fri 18 Jul 2008, 05:27    Post subject:  Rootkit Hunter  

Homepage: http://www.rootkit.nl/projects/rootkit_hunter.html
Version: 1.3.4
Quote:

Description

Rootkit scanner

Project information

Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files

Rootkit Hunter is released as GPL licensed project and free for everyone to use.

* No, not really 99.9%.. It's just another security layer


runtt21 asked for this (http://www.murga-linux.com/puppy/viewtopic.php?t=31489)

start in a terminal with 'rkhunter' .

Compiled in Puppy 4.21.

cheers
aragon
rkhunter-1.3.4.pet
Description 
pet

 Download 
Filename  rkhunter-1.3.4.pet 
Filesize  213.09 KB 
Downloaded  1518 Time(s) 

_________________
PUPPY SEARCH: http://wellminded.com/puppy/pupsearch.html

Last edited by aragon on Fri 21 Aug 2009, 11:00; edited 1 time in total
Back to top
View user's profile Send private message 
runtt21


Joined: 07 Jun 2008
Posts: 1650
Location: BigD Texas

PostPosted: Fri 18 Jul 2008, 09:23    Post subject: Thank you  

WOW,Thank you very much!!!! How did you make it?
Back to top
View user's profile Send private message Visit poster's website 
aragon

Joined: 15 Oct 2007
Posts: 1698
Location: Germany

PostPosted: Fri 21 Aug 2009, 11:01    Post subject:  

uploaded actual version, see main post.

aragon

_________________
PUPPY SEARCH: http://wellminded.com/puppy/pupsearch.html
Back to top
View user's profile Send private message 
paradj


Joined: 09 Jun 2010
Posts: 9

PostPosted: Mon 06 Dec 2010, 11:02    Post subject: rkhunter and 5.10 (lucid)
Subject description: using sourceforge installer tar.gz
 

in this distro most debian-targeted source installer shell scripts work Rolling Eyes
but some get this error"

"$DEB_BUILD_ROOT variable not found."

for rkhunter v1.3.8, this can be fixed using the information here:

http://www.mail-archive.com/rkhunter-users@lists.sourceforge.net/msg01806.html

in a nutshell for v1.3.8

line 176
if [ -n "${DEB_BUILD_ROOT}" ]; then

change to:

if [ -n "$DEB_BUILD_ROOT+x}" ]; then
Back to top
View user's profile Send private message 
nyunda

Joined: 12 Apr 2011
Posts: 5
Location: west java

PostPosted: Thu 14 Apr 2011, 14:36    Post subject:  

im newbie, i use puppy 520, i run rkhunter -c on rkhunter 1.3.6 & find 1 possible rootkit Xzibit Rootkit.

Found string 'hdparm' in file '/etc/rc.d/rc.sysinit'. Possible rootkit: Xzibit Rootkit

its rootkit or false positive?

& command rkhunter -c is only for check or remove?

thanks
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Thu 14 Apr 2011, 15:07    Post subject:  

You use it in Lupu 520 and it is " Compiled in Puppy 4.21"

Could that change something or are such programs immune to such differences?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
DPUP5520

Joined: 16 Feb 2011
Posts: 801

PostPosted: Fri 15 Apr 2011, 09:00    Post subject:  

This was happening with another rootkit hunter that someone else had installed, i believe it was chrootkit, except the person was being shown about 10 positives instead of just your one. The best and easiet way to see if it is showing a false positive is to check rootkit it is showing and take a screenshot and then pop in a live cd and boot from that and install and run the program again from there, if it comes out showing the same rootkit than it is a false positive.
_________________
PupRescue 2.5
Puppy Crypt 528
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [7 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0662s ][ Queries: 13 (0.0140s) ][ GZIP on ]