Difference between revisions of "Rkhunter"

From ArchWiki
Jump to navigation Jump to search
(Created page, added Categories, and Related articles.)
 
(Added summary, and cleaned up white space.)
Line 1: Line 1:
 
{{Lowercase title}}
 
{{Lowercase title}}
 
 
[[Category:Security]]
 
[[Category:Security]]
 
[[Category:Intrusion detection]]
 
[[Category:Intrusion detection]]
 
 
{{Related articles start}}
 
{{Related articles start}}
 
{{Related|Security}}
 
{{Related|Security}}
Line 9: Line 7:
 
{{Related|AIDE}}
 
{{Related|AIDE}}
 
{{Related articles end}}
 
{{Related articles end}}
 +
 +
 +
'''rkhunter''' (Rootkit Hunter) is a security monitoring tool for POSIX compliant systems. It scans for rootkits, and other possible vulnerabilities. It does so by searching for the default directories (of rootkits), misconfigured permissions, hidden files, kernel modules containing suspicious strings, and comparing hashes of important files with known good ones.
 +
 +
It is written in [[Bash]], to allow for portability, and can run on most UNIX-based systems.

Revision as of 19:54, 8 April 2019


rkhunter (Rootkit Hunter) is a security monitoring tool for POSIX compliant systems. It scans for rootkits, and other possible vulnerabilities. It does so by searching for the default directories (of rootkits), misconfigured permissions, hidden files, kernel modules containing suspicious strings, and comparing hashes of important files with known good ones.

It is written in Bash, to allow for portability, and can run on most UNIX-based systems.