From charlesreid1

Revision as of 14:57, 9 March 2011 by Admin

Sam Liston (Univ. of Utah CHPC) provided the following link to a rootkit-checking kit:

ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

Installation

Mac

The README contains installation instructions. However, to run chkrootkit, you will first have to build it. To get chkrootkit built on the Mac, you will have to change one line in the Makefile. Look for the following lines:

###
### Mac OS X
###
# If you have Mac OS X, uncomment the next line
#STATIC =

and uncomment the STATIC line, so you should now have:

###
### Mac OS X
###
# If you have Mac OS X, uncomment the next line
STATIC =

Then you can follow the rest of the instructions in the README and build using the command

$ make sense
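
The Makefile edit described above can also be scripted so that it is repeatable and leaves a copy to review. This is an added example, not part of the original page or of the chkrootkit distribution; the function name enable_macos_static is hypothetical, and it assumes the Makefile contains the "#STATIC =" line as shown above.

```shell
# Added example: uncomment the "#STATIC =" line in the chkrootkit Makefile.
# Avoids `sed -i`, whose syntax differs between macOS (BSD) sed and GNU sed.
# Usage: enable_macos_static ./Makefile && make sense
enable_macos_static() {
    makefile=$1
    [ -f "$makefile" ] || { echo "no such file: $makefile" >&2; return 2; }

    # Already uncommented (empty STATIC assignment present): safe to re-run.
    if grep -Eq '^STATIC[[:space:]]*=[[:space:]]*$' "$makefile"; then
        echo "STATIC already enabled in $makefile"
        return 0
    fi

    # Refuse to guess if the commented line is missing from this Makefile.
    if ! grep -Eq '^#[[:space:]]*STATIC[[:space:]]*=[[:space:]]*$' "$makefile"; then
        echo "no '#STATIC =' line found in $makefile" >&2
        return 1
    fi

    # Keep the unmodified file so the change can be checked with diff.
    cp "$makefile" "${makefile}.orig" || return 2
    tmp=$(mktemp "${makefile}.XXXXXX") || return 2

    # Strip only the leading '#' from the STATIC line; other comments stay.
    sed -E 's/^#[[:space:]]*(STATIC[[:space:]]*=[[:space:]]*)$/\1/' \
        "$makefile" > "$tmp" && cat "$tmp" > "$makefile"
    rm -f "$tmp"

    # Report success only if the uncommented line is really there now.
    grep -Eq '^STATIC[[:space:]]*=[[:space:]]*$' "$makefile"
}
```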

Usage

Chkrootkit is straightforward to use. Run this command from wherever you built it:

./chkrootkit