Bug#243938: ITP: rkhunter -- Scan the system for rootkits, backdoors, sniffers and exploits
Package: wnpp
Severity: wishlist
* Package name : rkhunter
Version : 1.0.6
Upstream Author : Michael Boelen <michael@rootkit.nl>
* URL : http://www.rootkit.nl
* License : GPL
Description : Scan the system for rootkits, backdoors, sniffers and
exploits.
Rootkit Hunter scans your system for known and unknown rootkits,
backdoors, sniffers and exploits.
Some of the tests it does:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
Some of the detected rootkits/backdoors/LKM's/worms:
55808 Trojan - Variant A, AjaKit, aPa Kit, Apache Worm,
Ambient (ark) Rootkit, BeastKit, BOBKit,
CiNIK Worm (Slapper.B variant), Danny-Boy's Abuse Kit,
Devil RootKit, Dica, Dreams Rootkit, Duarawkz Rootkit,
Flea Linux Rootkit, FreeBSD Rootkit, Fuck`it Rootkit,
GasKit, Heroin LKM, HjC Rootkit, ignoKit, ImperalsS-FBRK, Kitko,
Knark, Li0n Worm, Lockit / LJK2, MRK, RootKit for SunOS / NSDAP,
Optic Kit (Tux), Oz Rootkit, Portacelo, R3dstorm Toolkit, Portacelo,
Scalper Worm, Shutdown, SHV4, Sin Rootkit, Slapper, Sneakin Rootkit,
Suckit, SunOS Rootkit, Superkit, TBD (Telnet BackDoor), TeLeKiT,
T0rn Rootkit, Trojanit Kit, VcKit, Volc Rootkit, X-Org SunOS Rootkit,
zaRwT.KiT Rootkit, Anti Anti-sniffer, LuCe LKM, THC Backdoor
Please note that rkhunter does *not* guarantee, that your system has
not been cracked! You should also run additional tests, e.g. using
chkrootkit and other measures.
Uwe.
--
Uwe Hermann <uwe@hermann-uwe.de>
http://www.hermann-uwe.de
http://www.unmaintained-free-software.org
Reply to: