Re: identifying files found by rkhunter

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MEdward Norton at <-
M 
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Edward Norton
Date:  
To: Main PLUG discussion list
Subject: Re: identifying files found by rkhunter
As an afterthought, what I would recommend, is taking a look at Zeppoo(
zeppoo.net). FYI, zeppoo is 2.6 only.

>From the docs:
"Zeppoo allows you to detect rootkits on the i386 architecture under Linux
by using /dev/kmem and /dev/mem. It can also detect hidden tasks, modules,
syscalls, some corrupted symbols, and hidden connections. Anti-Rootkits
which don't use these methods can be fooled easily."

Also of interest,

Bypassing Chkrootkit(translated):
http://translate.google.com/translate?u=http%3A%2F%2Fwww.zeppoo.net%2Farticles%2FBypasserChkrootkit&langpair=fr%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: identifying files found by rkhunterRe: Wifi Blobs->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)