A rootkit is a set of software tools frequently used by a third party (usually an intruder) after gaining access to a computer system. These tools are intended to conceal running processes, files or system data, which helps an intruder maintain access to a system without the user's knowledge. Rootkits are known to exist for a variety of operating systems such as Linux, Solaris and versions of Microsoft Windows. A computer with a rootkit on it is called a rooted computer.
- from Wikipedia
So, for the paranoid:
chkrootkit is a tool to locally check for signs of a rootkit.
Installation is a simple
# apt-get install chkrootkit
and then run it with
# chkrootkit
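chkrootkit prints one "Checking" line per test, so on a box you check regularly it helps to boil the output down to the tests that reported a hit. The script below is an added example, not part of the original post or of chkrootkit itself; the function names are made up for illustration, and the sample output is constructed and assumes result lines of the form Checking `name'... result, with INFECTED marking a hit.

```shell
#!/bin/sh
# Added example: turn chkrootkit output (read on stdin) into a small table.
# Assumption: each result line looks like  Checking `name'... <result>
# and a hit contains the word INFECTED.

# Constructed sample output, not captured from a real host.
sample_output() {
cat <<'EOF'
ROOTDIR is `/'
Checking `amd'... not found
Checking `ls'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `sniffer'... lo: not promisc and no packet sniffer sockets
Checking `lkm'... chkproc: nothing detected
EOF
}

# Emit one line per test: status <TAB> test name <TAB> raw result text.
chk_parse() {
    awk -v q="'" '
    index($0, "Checking `") == 1 {
        rest = substr($0, 11)          # text after the opening backtick
        end = index(rest, q)           # closing quote of the test name
        if (end == 0) next             # not a result line after all
        name = substr(rest, 1, end - 1)
        result = substr(rest, end + 1)
        sub(/^\.\.\. */, "", result)   # drop the "... " separator
        status = (result ~ /INFECTED/) ? "INFECTED" : "ok"
        print status "\t" name "\t" result
    }'
}

# Print only the names of the tests that reported INFECTED.
chk_infected_names() {
    chk_parse | awk -F '\t' '$1 == "INFECTED" { print $2 }'
}

# Usage on a real system (as root):
#   chkrootkit | chk_infected_names
```

An empty result means no test printed INFECTED; anything listed is a test whose full output deserves a closer look.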