Rootkit Hunter V1.3.8

Rootkit Hunter (commonly abbreviated as "RKH") is a security monitoring and analysis tool for POSIX-compliant systems. It helps you detect known rootkits and malware, and flags general bad security practices. Rootkits have a certain structure and place files in certain areas that are known to the Rootkit Hunter team, much like virus signatures. RKH also offers additional scans that may assist you.

ChangeLog:

  • Whitelist rootkit strings (RTKT_FILE_WHITELIST).
  • Whitelist items not always present (EXISTWHITELIST).
  • Whitelist combined pathname and port number (PORT_WHITELIST).
  • Added Whirlpool and Ripemd160 hashes to file properties check.
  • Support for DragonFly BSD.
  • Support for Solaris OS package management.
  • The 'suspicious files' check displays each item individually.
  • The '--enable' and '--disable' command-line options may now be specified more than once.
  • Grsecurity-enabled systems may now run the network ‘ports’ test.
  • Allow test names for the ‘unhide’ command (UNHIDE_TESTS).
  • Rootkit checks added: OS X Togroot and Boonana (Koobface.A) trojan, Solaris Wanuk backdoor and worm, and Inqtana worm.
  • Better support for *BSD commands and OS X.

Platform: Unix/Linux
Download latest version: rkhunter-1.3.8.tar.gz (241.6 kB)