rkhunter-1.1.9-1.ps.noarch.rpm available (fwd)
David Kramer
david at thekramers.net
Mon Jan 3 15:51:14 EST 2005
>From the SUSE mailing list, but available for other platforms.
---
DDDD David Kramer http://thekramers.net
DK KD "In a time of drastic change it is the learners who inherit
DKK D the future. The learned usually find themselves equipped to
DK KD live in a world that no longer exists."
DDDD - Eric Hoffer (1902-1983)
---------- Forwarded message ----------
Date: Tue, 28 Dec 2004 15:23:07 -0500
From: Patrick Shanahan <ptilopteri at gmail.com>
To: SLE <suse-linux-e at suse.com>
Subject: [SLE] rkhunter-1.1.9-1.ps.noarch.rpm available
rkhunter-1.1.9-1.ps.noarch.rpm is available for download:
http://wahoo.no-ip.org/~pat/rkhunter-1.1.9-1.ps.noarch.rpm
Rootkit Hunter scans files and systems for known and unknown rootkits,
backdoors, and sniffers. The package contains one shell script, a few
text-based databases, and optional Perl modules. It should run on
almost every Unix clone.
This release contains support for RH-Sharpe's rootkit and the SHV5
rootkit, a special test for tripwire, metalog (syslog), and support
for many new distributions. Many MD5 hashes have been added to the
database, and some code/documentation cleanup has been performed.
Description
Rootkit scanner is scanning tool to ensure you for about 99.9%*
you're clean of nasty tools. This tool scans for rootkits, backdoors
and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
Rootkit Hunter is released as GPL licensed project and free for
everyone to use.
* No, not really 99.9%.. It's just another security layer
* 1.1.9 (28/12/2004)
New:
- Added RH-Sharpe's rootkit (rootkit)
- Added SHV5 rootkit (rootkit)
- Added special test for tripwire
- Added support for metalog (syslog daemon)
- Added support for ALTLinux 2.2 and 2.4
- Added support for CentOS 3.3
- Added support for Gentoo 1.6
- Added support for FreeBSD 4.10 (alpha platform)
- Added support for SuSE SLES8. Thanks to Mario Lenz
- Added support for SuSE 9.2 (i586)
- Added support for Fedora Core 3
- Added support for Red Hat Enterprise Linux ES/WS release 4
- Added hashes for Fedora Core 3. Thanks to Steph
- Official port is now available for ALTLinux
- Change text when an old software package has been found. This will
happen with backporting operating systems (Red Hat, Fedora etc)
Changes:
- Improved logging for lsof test
- Updated hashes for Fedora Core 1
- Updated hashes for Debian woody
- Updated hashes for Red Hat Enterprise Linux ES/WS release 3
- Updated hashes for Slackware 9
- Updated hashes for Slackware 10
- Updated hashes for SuSE 9.1
- Updated wishlist/todo, updated readme and manpage.
- Code cleanup (added more remarks, cleanup of old/buggy things)..
- Improved logging
Bugfixes:
- Changed binary search path due typo. Thanks to Bertrand
author: Michael Boelen <michael at rootkit.nl>
http://www.rootkit.nl
--
Patrick Shanahan Registered Linux User #207535
http://wahoo.no-ip.org @ http://counter.li.org
HOG # US1244711 Photo Album: http://wahoo.no-ip.org/photos
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help at suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq at suse.com
More information about the Discuss
mailing list