Loading AI tools
Software From Wikipedia, the free encyclopedia
Chkrootkit (Check Rootkit) is a widely used Unix-based utility designed to aid system administrators in examining their systems for rootkits. Operating as a shell script, it leverages common Unix/Linux tools such as the strings
and grep
command. The primary purpose is to scan core system programs for identifying signatures and to compare data obtained from traversal the /proc
with the output derived from the ps
(process status) command, aiming to identify inconsistencies. It offers flexibility in execution, allowing it to function from a rescue disc, often a live CD, and provides an optional alternative directory for executing its commands. These approaches enhance chkrootkit's reliance on the commands it employs.[1]
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
|
Developer(s) | Nelson Murilo Klaus Steding-Jessen |
---|---|
Stable release | 0.57
/ Jan 13 2023 |
Repository | |
Operating system | Linux, FreeBSD, OpenBSD, NetBSD, Solaris, HP-UX, Tru64, BSD/OS, Mac OS X |
Type | Rootkit Detector |
Website | www |
It's crucial to recognize the inherent limitations of any program that strives to detect compromises, including rootkits and malware. Modern rootkits might deliberately attempt to identify and target copies of the chkrootkit program, or adopt other strategies to elude detection by it.
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.