Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Mon, 3 Jan 2005, David Kramer wrote: > Rootkit Hunter scans files and systems for known and unknown rootkits, > backdoors, and sniffers. The package contains one shell script, a few > text-based databases, and optional Perl modules. It should run on > almost every Unix clone. Without statically compiled programs for the script to run, how do you know you can trust the restults? A number of rootkits will actually provide a trojoned md5sum that will just give you the results you're looking for rather than the real results for the modified binaries. chkrootkit (http://www.chkrootkit.org/) is designed to be compiled on a known good host, then copied to the system that you're not sure about. All programs used are statically compiled binaries protecting against this sort of thing.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |