1 Chkrootkit is a tool to locally check for signs of a rootkit. 2 ------------------------------------------------------------- 3 4 It contains: 5 6 * chkrootkit: a shell script that checks system binaries for 7 rootkit modification. 8 * ifpromisc.c: checks if the network interface is in promiscuous 9 mode. 10 * chklastlog.c: checks for lastlog deletions. 11 * chkwtmp.c: checks for wtmp deletions. 12 * check_wtmpx.c: checks for wtmpx deletions. (Solaris only) 13 * chkproc.c: checks for signs of LKM trojans. 14 * chkdirs.c: checks for signs of LKM trojans. 15 * strings.c: quick and dirty strings replacement. 16 * chkutmp.c: checks for utmp deletions. 17 18 For an updated list of rootkits, worms and LKMs detected by 19 chkrootkit please visit: http://www.chkrootkit.org/ 20 21Nelson Murilo <nmurilo@gmail.com> 22Klaus Steding-Jessen <jessen@cert.br> 23