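Introduction
Rootkit Hunter scans files and the system for known and unknown rootkits, backdoors, and sniffers. The package contains a shell script, some text-based databases, and optional Perl modules. It runs on almost all Unix-like systems.
Installing dependencies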
# yum install lsof
# yum install epel-release
Installing rkhunter
# yum --enablerepo=epel -y install rkhunter
# rkhunter --propupd
[ Rootkit Hunter version 1.4.6 ]
File created: searched for 176 files, found 135
# rkhunter --update
[ Rootkit Hunter version 1.4.6 ]
Checking rkhunter data files...
Checking file mirrors.dat [ Updated ]
Checking file programs_bad.dat [ Updated ]
Checking file backdoorports.dat [ No update ]
Checking file suspscan.dat [ Updated ]
Checking file i18n/cn [ No update ]
Checking file i18n/de [ Updated ]
Checking file i18n/en [ No update ]
Checking file i18n/tr [ Updated ]
Checking file i18n/tr.utf8 [ Updated ]
Checking file i18n/zh [ Updated ]
Checking file i18n/zh.utf8 [ Updated ]
Checking file i18n/ja [ Updated ]
# rkhunter --check --sk --rwo
Warning: Found passwordless account in shadow file: vulsuser
Warning: Unable to check for passwd file differences: no copy of the passwd file exists.
Warning: Unable to check for group file differences: no copy of the group file exists.
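The three warnings above can be triaged mechanically. The following is an added example, not part of the original post or of rkhunter itself: a POSIX shell script that labels each warning line and cross-checks a reported passwordless account against a shadow-format file. The function names and the sample shadow entries are constructed for illustration; on a real host the second argument to confirm_accounts would be /etc/shadow, read as root.

```shell
#!/bin/sh
# Added example: triage the output of `rkhunter --check --sk --rwo`.
# Constructed sample data: the three warnings shown above and a made-up shadow file.
write_samples() {
    cat > "$1/report.txt" <<'EOF'
Warning: Found passwordless account in shadow file: vulsuser
Warning: Unable to check for passwd file differences: no copy of the passwd file exists.
Warning: Unable to check for group file differences: no copy of the group file exists.
EOF
    cat > "$1/shadow.sample" <<'EOF'
root:$6$constructed$hash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
vulsuser::19000:0:99999:7:::
EOF
}

# Label each warning: ACCOUNT (needs action), BASELINE (no stored copy to
# compare against, as the message itself says), OTHER (review by hand).
classify_warnings() {
    awk '
        /^Warning: Found passwordless account/ { print "ACCOUNT " $NF; next }
        /^Warning: Unable to check for .* differences: no copy/ { print "BASELINE " $6; next }
        /^Warning:/ { print "OTHER " $0 }
    ' "$1"
}

# Accounts whose password field (2nd colon-separated field) is empty.
empty_password_accounts() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# Cross-check every ACCOUNT finding in report $1 against shadow-format file $2.
confirm_accounts() {
    classify_warnings "$1" | awk '$1 == "ACCOUNT" { print $2 }' |
    while read -r acct; do
        if empty_password_accounts "$2" | grep -qxF "$acct"; then
            echo "CONFIRMED $acct"
        else
            echo "NOT_FOUND $acct"
        fi
    done
}

# Demo run on the constructed samples.
dir=$(mktemp -d)
write_samples "$dir"
classify_warnings "$dir/report.txt"
confirm_accounts "$dir/report.txt" "$dir/shadow.sample"
rm -rf "$dir"
```

A confirmed account should be given a password or locked, for example with `passwd -l`, before the next scan.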