CERN IT Department CERN Linux
CERN Tux

LinuxSoft Installation and Repository Service


Letter R

rkhunter - rkhunter scans for rootkits, backdoors and local exploits

Website: http://rkhunter.sourceforge.net/
License: GPL
Vendor: Scientific Linux CERN, http://cern.ch/linux
Description:
Rootkit scanner is [a] scanning tool to ensure you for about 99.9% you're
clean of nasty tools. This tool scans for rootkits, backdoors and local
exploits by running tests like:
	- MD5 hash compare
	- Look for default files used by rootkits
	- Wrong file permissions for binaries
	- Look for suspected strings in LKM and KLD modules
	- Look for hidden files
	- Optional scan within plaintext and binary files
	- Software version checks
	- Application tests

Rootkit Hunter is released as a GPL licensed project and free for
everyone to use.

  ********
This version has been customized/patched for CERN, and includes a
(patched) copy of "unhide" by yjesus AT security-projects.com

This version currently sends reports back to CERN, to evaluate for
false positives. If you do not want this, please don't install it.

Packages

rkhunter-1.3.4-6test.cern.i386 [750 KiB] Changelog by Jan Iven (2009-09-28):
- whitelist "fipscheck" hmac files
- turn off network port checks that give FPs
- minor tweaks for unhide output and patterns

Listing created by Repoview-0.6.5-1.el5