Chkrootkit
From FreeBSDwiki
(Difference between revisions)
m (Reverted edits by DavidYoung (talk) to last revision by 80.220.188.32) |
|||
| (5 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | [[chkrootkit]] is not part of the base install, which is a good thing, ultimately. [[chkrootkit]] is used to -- wait for it -- check for | + | [[chkrootkit]] is not part of the base install, which is a good thing, ultimately. [[chkrootkit]] is used to -- wait for it -- check for [[rootkit]]s. Ideally, you'll never get hacked. But if you're unsure, you'll need to get a known-good version of chkrootkit as a first step in trying to find out if you ''have'' been hacked. So you'll want to install it from a CD, or download the binary from the internet from a known-trusted site. You don't want to keep a local copy on the machine in question because you'd never be sure if that wasn't hacked in some way and you really don't want to compile it on a machine that you suspect may be hacked. |
| + | |||
| + | |||
| + | [[Category: Ports and Packages]] | ||
| + | [[Category:Securing FreeBSD]] | ||
Latest revision as of 16:20, 25 August 2012
chkrootkit is not part of the base install, which is a good thing, ultimately. chkrootkit is used to -- wait for it -- check for rootkits. Ideally, you'll never get hacked. But if you're unsure, you'll need to get a known-good version of chkrootkit as a first step in trying to find out if you have been hacked. So you'll want to install it from a CD, or download the binary from the internet from a known-trusted site. You don't want to keep a local copy on the machine in question because you'd never be sure if that wasn't hacked in some way and you really don't want to compile it on a machine that you suspect may be hacked.
