Rootkit Hunter Scans for Rootkits, Backdoors, and Local Exploits

Overview Repositories Revisions Requests Users Attributes Meta

Rootkit Hunter Scans for Rootkits, Backdoors, and Local Exploits

http://rkhunter.sourceforge.net

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. This tool scans for rootkits, backdoors, and local exploits by running tests like:

* Comparing MD5 hashes

* Looking for default files used by rootkits

* Checking for wrong file permissions for binaries

* Looking for suspected strings in LKM and KLD modules

* Looking for hidden files

* Optionally scanning within plain text and binary files

* Checking software versions

* Testing applications

Authors:
--------
Michael Boelen

Devel package for openSUSE:Factory
5 derived packages
Derived Packages
home:lemmy04

home:ecsos

home:plater

home:Andreas_Schwab:Factory

home:illuusio
Cancel
Links to openSUSE:Factory / rkhunter
Download package
Checkout Package
osc -A https://api.opensuse.org checkout security/rkhunter && cd $_
Create Badge

Build Results
RPM Lint

Refresh

Source Files

Filename	Size	Changed
_link	0000000143 143 Bytes	about 13 years ago
rkhunter-1.4.0.tar.gz	0000244552 239 KB	over 12 years ago
rkhunter-README.SuSE	0000000266 266 Bytes	over 16 years ago
rkhunter-installer-fix.patch	0000001323 1.29 KB	over 12 years ago
rkhunter.changes	0000010160 9.92 KB	over 12 years ago
rkhunter.cron	0000002029 1.98 KB	about 13 years ago
rkhunter.logrotate	0000000163 163 Bytes	over 17 years ago
rkhunter.spec	0000005747 5.61 KB	over 12 years ago
rkhunter.sysconfig	0000002069 2.02 KB	about 16 years ago

Revision 9 (latest revision is 63)

Sascha Manns (saigkill) committed over 12 years ago (revision 9)

- updated to 1.4.0
 * 1.4.0 (01/05/2012)
 New:
 - Added the '--list propfiles' command-line option. This will dump
   out the list of filenames that will be searched for when building the
   fileproperties database. By default the list is not shown if just
   '--list' is used.
 - Added Jynx rootkit check.
 - Added Turtle/Turtle2 rootkit check.
 - Added KBeast rootkit check.
 - The installer now supports the Slackware TXZ package layout option.
 Changes:
 - Avoid checking exclamation points in ALLOWDEVFILE checks (this was
   caught on 01/05/2012 causing a reissue of the 1.4.0 release).
 - Allow the ALLOWDEVFILE, ALLOWHIDDENFILE and ALLOWHIDDENDIR options
   to
   use '%' as the space character. (Note: This is a temporary fix).
 - The ALLOWPROCDELFILE option can now use wildcards in the file
   names.
 - The '--list perl' command-line option now shows whether the perl
   command itself is installed or not.
 - The 'shared_libs' test now allows whitelisting of the preloading
   environment variables.
 - The '-r/--rootdir' command-line options, and the ROOTDIR
   configuration option are now deprecated. If they are used then an
   error message will be displayed. The options will have no effect,
   but rkhunter will continue. The options will be completely removed
   at the next release.
 - The 'hidden_ports' test will now show if a found port is TCP or
   UDP.

Places