slackbuilds/system/chkrootkit
Willy Sudiarto Raharjo dc1daa2e54 system/chkrootkit: Updated for version 0.52.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
2017-03-17 22:21:44 +07:00
..
README
chkrootkit.SlackBuild system/chkrootkit: Updated for version 0.52. 2017-03-17 22:21:44 +07:00
chkrootkit.info system/chkrootkit: Updated for version 0.52. 2017-03-17 22:21:44 +07:00
slack-desc various: Fix slack-desc formatting and comment nit picks. 2013-11-22 02:29:22 -05:00

README

chkrootkit (Check Rootkit) is a common unix-based program intended to help 
system administrators check their system for known rootkits. It is a shell 
script using common UNIX/Linux tools like the strings and grep commands to 
search core system programs for signatures and for comparing a traversal of the 
/proc filesystem with the output of the ps (process status) command to look for 
discrepancies.

It can be used from a "rescue disc" (typically a LiveCD) or it can optionally 
use an alternative directory from which to run all of its own commands. These 
techniques allow chkrootkit to trust the commands upon which it depends a bit 
more.

There are inherent limitations to the reliability of any program that attempts 
to detect compromises (such as rootkits and computer viruses). Newer rootkits 
may specifically attempt to detect and compromise copies of the chkrootkit 
programs or take other measures to evade detection by them.