pavement

Chkrootkit

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
m
m (Reverted edits by DavidYoung (talk) to last revision by 80.220.188.32)
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[chkrootkit]] is not part of the base install, which is a good thing, ultimately. [[chkrootkit]] is used to -- wait for it -- check for rootkits. Ideally, you'll never get hacked. But if you're unsure, you'll need to get a known-good version of chkrootkit as a first step in trying to find out if you ''have'' been hacked. So you'll want to install it from a CD, or download the binary from the internet from a known-trusted site. You don't want to keep a local copy on the machine in question because you'd never be sure if that wasn't hacked in some way and you really don't want to compile it on a machine that you suspect may be hacked.
+
[[chkrootkit]] is not part of the base install, which is a good thing, ultimately. [[chkrootkit]] is used to -- wait for it -- check for [[rootkit]]s. Ideally, you'll never get hacked. But if you're unsure, you'll need to get a known-good version of chkrootkit as a first step in trying to find out if you ''have'' been hacked. So you'll want to install it from a CD, or download the binary from the internet from a known-trusted site. You don't want to keep a local copy on the machine in question because you'd never be sure if that wasn't hacked in some way and you really don't want to compile it on a machine that you suspect may be hacked.
  
  
 
[[Category: Ports and Packages]]
 
[[Category: Ports and Packages]]
 
[[Category:Securing FreeBSD]]
 
[[Category:Securing FreeBSD]]

Latest revision as of 16:20, 25 August 2012

chkrootkit is not part of the base install, which is a good thing, ultimately. chkrootkit is used to -- wait for it -- check for rootkits. Ideally, you'll never get hacked. But if you're unsure, you'll need to get a known-good version of chkrootkit as a first step in trying to find out if you have been hacked. So you'll want to install it from a CD, or download the binary from the internet from a known-trusted site. You don't want to keep a local copy on the machine in question because you'd never be sure if that wasn't hacked in some way and you really don't want to compile it on a machine that you suspect may be hacked.

Personal tools