Description: In this video I take a look at the two software applications installed in Backtrack 5 designed to find possible rootkits on the operating system.
chkrootkit (Check Rootkit) is a common Unix-based program intended to help system administrators check their system for known rootkits. It is a shell script that uses common UNIX/Linux tools such as the strings and grep commands to search core system programs for signatures, and it compares a traversal of the /proc filesystem with the output of the ps (process status) command to look for discrepancies.
Chkrootkit takes only a few moments to run while rkhunter takes about 20 minutes to analyze your computer.
rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in an online database, and by searching for default rootkit directories, wrong permissions, hidden files and suspicious strings in kernel modules, along with special tests for Linux and FreeBSD.
There is no foolproof way to guarantee that your computer is not infected with a rootkit, but running these two applications can give you peace of mind if you feel you may have one. For more information visit Lecture Snippets at http://lecturesnippets.com
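The /proc-versus-ps comparison described above for chkrootkit, sketched as an added shell example (not chkrootkit's own code and not part of the original description). The function names and the `--live` switch are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not chkrootkit code): report PIDs that appear in a
# /proc-style directory but are missing from a ps listing.

# Print every all-numeric directory name under $1 (the PIDs), one per line.
list_proc_pids() {
    for d in "$1"/[0-9]*; do
        [ -d "$d" ] || continue
        pid=${d##*/}
        case $pid in *[!0-9]*) continue ;; esac   # skip names such as "7x"
        printf '%s\n' "$pid"
    done
}

# Print the PID column of a saved `ps -e -o pid=` listing stored in file $1.
list_ps_pids() {
    awk '$1 ~ /^[0-9]+$/ { print $1 }' "$1"
}

# hidden_pids PROC_DIR PS_FILE: PIDs present in PROC_DIR but absent from PS_FILE.
hidden_pids() {
    known=$(list_ps_pids "$2")
    list_proc_pids "$1" | while read -r pid; do
        printf '%s\n' "$known" | grep -qxF "$pid" || printf '%s\n' "$pid"
    done
}

# Live check: snapshot ps, diff it against /proc, then re-test each candidate
# so processes that merely started or exited mid-scan are not reported.
scan_live() {
    snap=$(mktemp) || return 1
    ps -e -o pid= > "$snap"
    for pid in $(hidden_pids /proc "$snap"); do
        if [ -d "/proc/$pid" ] && ! ps -o pid= -p "$pid" >/dev/null 2>&1; then
            printf 'PID %s is in /proc but not reported by ps\n' "$pid"
        fi
    done
    rm -f "$snap"
}

# Assumed switch for this example: run the live scan only when asked to.
if [ "${1:-}" = "--live" ]; then scan_live; fi
```

Because ps itself reads /proc, this cross-check exposes a tampered ps binary but not a kernel-level rootkit that filters the /proc listing for every reader, so an empty result is not proof of a clean system.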
Tags: Backtrack, Gnome, chkrootkit, rkhunter
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
A rootkit takes "root" access in Unix and "Administrator" access in Windows in an unauthorized way. These are some anti-rootkit tools.
video explanation is really good
thanks
rkhunter is better than Chkrootkit.
That is nice, but how can I find a rootkit on Windows?
Is there any tool which supports remote scans?
Anyone? Pls
Hi loop-back, for Windows I'm using GMER
http://www.gmer.net/ Maybe you'll like it :)
Thank you for this wonderful video :)