Checking Linux For Root Kits


Post by jamied_uk on 12th February 2017, 13:37



Code:

sudo apt-get install chkrootkit



sudo chkrootkit






howtoforge.com/tutorial/how-to-scan-linux-for-malware-and-rootkits

Re: Checking Linux For Root Kits

Post by jamied_uk on 12th February 2017, 13:53

To create a cron job like this:
0 3 * * * /usr/sbin/chkrootkit 2>&1 | mail -s "chkrootkit output of my server" you@yourdomain.com
That would run chkrootkit every night at 3.00h. Replace the path to chkrootkit with the one that you got from the which command above and exchange the email address with your real address.


Code:
crontab -e
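A variant of the cron job in the post above, as an added example that is not part of the original post: a wrapper that mails only the lines chkrootkit flags instead of the full nightly output. The chkrootkit path, the recipient address, the `--run` switch and the sample output are assumptions or constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Mails only flagged lines.
# Assumptions: the paths, the address and the --run switch are placeholders.
CHKROOTKIT="${CHKROOTKIT:-/usr/sbin/chkrootkit}"
MAIL_TO="${MAIL_TO:-you@yourdomain.com}"

# Keep lines that need a human: uppercase INFECTED (a clean test prints
# lowercase "not infected") and lines that start with a warning tag.
filter_findings() {
    grep -E 'INFECTED|^(Warning|WARNING)' || true
}

# Return 0 when clean, 1 when findings were mailed, 2 when the scan did not run.
run_scan() {
    if [ ! -x "$CHKROOTKIT" ]; then
        # Printed to stderr so cron can report that the scanner is missing.
        echo "chkrootkit not executable at $CHKROOTKIT" >&2
        return 2
    fi
    findings=$("$CHKROOTKIT" 2>&1 | filter_findings)
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings" |
        mail -s "chkrootkit findings on $(hostname)" "$MAIL_TO"
    return 1
}

# Constructed sample in the shape of chkrootkit output, for trying the filter.
sample_output() {
    cat <<'EOF'
ROOTDIR is `/'
Checking `amd'... not found
Checking `ls'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `sniffer'... lo: not promisc and no packet sniffer sockets
Warning: constructed example warning line
EOF
}

# Only scan when asked, so the file can also be sourced to test the filter.
if [ "${1:-}" = "--run" ]; then
    run_scan
fi
```

A clean night sends no mail with this wrapper, so the absence of mail does not by itself show that the scan ran; check cron's own log for the job as well.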

Re: Checking Linux For Root Kits

Post by jamied_uk on 12th February 2017, 14:00

Code:
sudo apt-get install chkrootkit

Note: You will not need sudo commands in Kali Linux!



Code:
sudo chkrootkit





Code:

cd /tmp
wget https://cisofy.com/files/lynis-2.1.1.tar.gz
tar xvfz lynis-2.1.1.tar.gz
sudo mv lynis /usr/local/
sudo ln -s /usr/local/lynis/lynis /usr/local/bin/lynis



This will install lynis to the directory /usr/local/lynis and create a symlink for easy access. Now run

Code:
lynis update info



to check if you use the latest version.

Now you can scan your system for rootkits by running:

lynis audit system



Privileged Scan:

Code:
sudo lynis audit system





Code:
sudo chown -R root





http://jnet.forumn.biz/t1446-checking-linux-for-root-kits#2088

Re: Checking Linux For Root Kits

Post by jamied_uk on 12th February 2017, 14:02

To find the installation, type:

Code:
which chkrootkit

Re: Checking Linux For Root Kits

Post by jamied_uk on 12th February 2017, 14:37




Locate:


Code:

sudo updatedb
locate chkrootkit




stackexchange.com/questions/124757/how-to-update-linux-locate-cache
