Chkrootkit
From FreeBSDwiki
(Difference between revisions)
m |
m (Reverted edits by DavidYoung (talk) to last revision by 80.220.188.32) |
||
(2 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | [[chkrootkit]] is not part of the base install, which is a good thing, ultimately. [[chkrootkit]] is used to -- wait for it -- check for | + | [[chkrootkit]] is not part of the base install, which is a good thing, ultimately. [[chkrootkit]] is used to -- wait for it -- check for [[rootkit]]s. Ideally, you'll never get hacked. But if you're unsure, you'll need to get a known-good version of chkrootkit as a first step in trying to find out if you ''have'' been hacked. So you'll want to install it from a CD, or download the binary from the internet from a known-trusted site. You don't want to keep a local copy on the machine in question because you'd never be sure if that wasn't hacked in some way and you really don't want to compile it on a machine that you suspect may be hacked. |
[[Category: Ports and Packages]] | [[Category: Ports and Packages]] | ||
[[Category:Securing FreeBSD]] | [[Category:Securing FreeBSD]] |
Latest revision as of 16:20, 25 August 2012
chkrootkit is not part of the base install, which is a good thing, ultimately. chkrootkit is used to -- wait for it -- check for rootkits. Ideally, you'll never get hacked. But if you're unsure, you'll need to get a known-good version of chkrootkit as a first step in trying to find out if you have been hacked. So you'll want to install it from a CD, or download the binary from the internet from a known-trusted site. You don't want to keep a local copy on the machine in question because you'd never be sure if that wasn't hacked in some way and you really don't want to compile it on a machine that you suspect may be hacked.