May 4th, 2009
Installing Rootcheck
Rootcheck is open source rootkit detection and system auditing software.
How to use it
Download from:
http://www.ossec.net/rootcheck/files/rootcheck-2.0.tar.gz
* Rootcheck requires the Perl module IO::Interface.
Rootcheck is very simple software: just unpack, compile and execute it. It will scan the system and print whether or not it found anything.
- wget http://www.ossec.net/rootcheck/files/rootcheck-2.0.tar.gz
- tar -zxvf rootcheck-2.0.tar.gz
- cd rootcheck-2.0
- make all
- ./ossec-rootcheck
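The archive above is fetched over plain HTTP and then compiled and executed, so a check between the download and the unpack step is useful. The script below is an added example, not part of the original post or of Rootcheck: it verifies a SHA-256 digest and the archive's member paths before running the unpack and compile steps. EXPECTED_SHA256 is a placeholder (the page gives no checksum), and the function names and the script name verify-rootcheck.sh are hypothetical.

```sh
#!/bin/sh
# Added example, not part of Rootcheck. EXPECTED_SHA256 is a placeholder:
# the page publishes no checksum, so obtain one from a source you trust.
TARBALL="rootcheck-2.0.tar.gz"
EXPECTED_SHA256="REPLACE_WITH_TRUSTED_SHA256"

# Print the SHA-256 hex digest of a file with whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Succeed only if the file exists and its digest equals the expected value.
verify_tarball() {
    [ -f "$1" ] || return 2
    _want="$(printf '%s' "$2" | tr 'A-F' 'a-f')"
    _have="$(sha256_of "$1")" || return 2
    [ -n "$_have" ] && [ "$_have" = "$_want" ]
}

# Read member names on stdin; fail on absolute paths or ".." components.
listing_is_safe() {
    ! grep -Eq '^/|(^|/)\.\.(/|$)'
}

# Succeed only if the archive is readable and every member stays inside
# the directory it is extracted into.
archive_paths_safe() {
    _listing="$(tar -tzf "$1" 2>/dev/null)" || return 2
    printf '%s\n' "$_listing" | listing_is_safe
}

# The page's unpack and compile steps, run only after both checks pass.
build_rootcheck() {
    verify_tarball "$TARBALL" "$EXPECTED_SHA256" ||
        { echo "checksum mismatch: $TARBALL" >&2; return 1; }
    archive_paths_safe "$TARBALL" ||
        { echo "unsafe member paths: $TARBALL" >&2; return 1; }
    tar -zxf "$TARBALL" && ( cd rootcheck-2.0 && make all )
}

# Build only on request: sh verify-rootcheck.sh --build
if [ "${1:-}" = "--build" ]; then build_rootcheck; fi
```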
Rootkit detection
Criminals (also known as hackers) want to hide their actions, but with rootkit detection you can be notified when they (or trojans, viruses, etc.) change your system in this way.
Active response
Take immediate and automatic responses when something happens. Why wait for hours when you can alert your admin and block an attack right away?
How To Scan the System
- ./rootcheck.pl
Rootcheck is extremely useful open source software for servers, since it scans the server and finds any problems on it.