chkrootkit-0.48-14.el5.i386.rpm


Advertisement

Description

chkrootkit - Tool to locally check for signs of a rootkit

Distribution: CentOS 5
Repository: FlexBox i386
Package name: chkrootkit
Package version: 0.48
Package release: 14.el5
Package architecture: i386
Package type: rpm
Installed size: 633.02 KB
Download size: 285.38 KB
Official Mirror: flexbox.sourceforge.net
chkrootkit is a tool to locally check for signs of a rootkit. It contains: * chkrootkit: shell script that checks system binaries for rootkit modification. * ifpromisc: checks if the network interface is in promiscuous mode. * chklastlog: checks for lastlog deletions. * chkwtmp: checks for wtmp deletions. * chkproc: checks for signs of LKM trojans. * chkdirs: checks for signs of LKM trojans. * strings: quick and dirty strings replacement. * chkutmp: checks for utmp deletions.

Provides

  • chkrootkit = 0.48-14.el5
  • config(chkrootkit) = 0.48-14.el5

    Download

    Install Howto

    1. Download the latest flexbox-release rpm from
      http://flexbox.sourceforge.net/centos/5/i386/
    2. Install flexbox-release rpm:
      # rpm -Uvh flexbox-release*rpm
    3. Install chkrootkit rpm package:
      # yum install chkrootkit

    Files

    • /etc/pam.d/chkrootkit
    • /etc/security/console.apps/chkrootkit
    • /usr/bin/chkrootkit
    • /usr/bin/chkrootkitX
    • /usr/lib/chkrootkit-0.48/check_wtmpx
    • /usr/lib/chkrootkit-0.48/chkdirs
    • /usr/lib/chkrootkit-0.48/chklastlog
    • /usr/lib/chkrootkit-0.48/chkproc
    • /usr/lib/chkrootkit-0.48/chkrootkit
    • /usr/lib/chkrootkit-0.48/chkutmp
    • /usr/lib/chkrootkit-0.48/chkwtmp
    • /usr/lib/chkrootkit-0.48/ifpromisc
    • /usr/lib/chkrootkit-0.48/strings
    • /usr/lib/chkrootkit-0.48/strings-static
    • /usr/sbin/chkrootkit
    • /usr/share/applications/fedora-chkrootkit.desktop
    • /usr/share/doc/chkrootkit-0.48/ACKNOWLEDGMENTS
    • /usr/share/doc/chkrootkit-0.48/COPYRIGHT
    • /usr/share/doc/chkrootkit-0.48/README
    • /usr/share/doc/chkrootkit-0.48/README.chklastlog
    • /usr/share/doc/chkrootkit-0.48/README.chkwtmp
    • /usr/share/doc/chkrootkit-0.48/README.false_positives
    • /usr/share/doc/chkrootkit-0.48/chkrootkit.lsm
    • /usr/share/pixmaps/chkrootkit.png

    Changelog

    2009-07-24 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.48-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

    2009-07-22 - Jon Ciesla <limb@jcomserv.net> 0.48-13 - Additional items in chkutmp patch.

    2009-07-21 - Jon Ciesla <limb@jcomserv.net> 0.48-12 - Patch to fix crash in chkutmp on x86_64.

    2009-02-24 - Michael Schwendt <mschwendt@fedoraproject.org> - 0.48-11 - update .desktop file for Icon Theme Specification - no longer add X-Fedora category to .desktop file - Fedora > 10: conditional BR glibc-static as needed for strings-static

    2009-02-23 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.48-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

    2008-07-15 - Tom "spot" Callaway <tcallawa@redhat.com> - 0.48-9 - fix license tag

    2008-05-30 - Michael Schwendt <mschwendt@fedoraproject.org> - 0.48-8 - Let chkproc default to procps version 3.

    2008-04-09 - Michael Schwendt <mschwendt@fedoraproject.org> - 0.48-7 - Build with large file API (#441638).

    2008-03-18 - Michael Schwendt <mschwendt@fedoraproject.org> - 0.48-6 - Delete the "suspect PHP files" check. Not only does it trigger SIGPIPE for file names which contain special unescaped characters, the second half is doubtful (it doesn't print any filenames and gets confused by binary file contents).

    2008-02-12 - Michael Schwendt <mschwendt@fedoraproject.org> - 0.48-5 - Fix the empty warning of the shell history files anomalies check. - Initialise two variables in chkdirs.c to silence compiler.

    Advertisement
    Advertisement