Rootkit Detection and Removal

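Published: March 27, 2023
Category: Incident Response and Forensics
Subcategory: Incident Response Process and Strategy
Tags: Linux, chkrootkit, Rkhunter, Rootkit detection and removal
Author: KK
Notes: This article introduces two Rootkit detection tools for Linux: chkrootkit and Rkhunter. It covers how to build, install and use them, and gives the relevant links and commands.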

chkrootkit

  • https://www.cnblogs.com/liujianxin/p/12599908.html
  • http://www.chkrootkit.org
Build, install and use:
yum -y install gcc gcc-c++ make glibc*
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
tar zxvf chkrootkit.tar.gz
cd chkrootkit-0.52
make sense
If the build completes without errors, run the check:
./chkrootkit

Rkhunter

yum -y install epel-release
yum -y install rkhunter
rkhunter -c
Or:
wget https://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.4/rkhunter-1.4.4.tar.gz
tar -zxvf rkhunter-1.4.4.tar.gz
cd rkhunter-1.4.4
./installer.sh --install
rkhunter -c
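
Both scanners print long reports, so a small triage step helps when the checks above are run across several hosts. The script below is an added example, not part of the original article: it assumes the output of ./chkrootkit and of rkhunter -c (run with rkhunter's --sk and --rwo options) was saved to files, and the function names and sample lines are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): triage saved scanner output.
# Assumed capture commands:
#   ./chkrootkit > chkrootkit.out 2>&1
#   rkhunter -c --sk --rwo > rkhunter.out 2>&1   # no keypress prompts, warnings only

# Print chkrootkit status lines that need review.
chkrootkit_findings() {   # $1 = saved chkrootkit output
    grep -E 'INFECTED|Vulnerable' "$1"
}

# Print rkhunter warnings (one "Warning:" line per finding with --rwo).
rkhunter_findings() {     # $1 = saved rkhunter output
    grep -E '^Warning:' "$1"
}

# Exit status: 0 = clean, 1 = findings to review, 2 = scan did not run.
triage() {                # $1 = chkrootkit output, $2 = rkhunter output
    # An empty or failed chkrootkit run must not be read as "clean".
    if ! grep -q '^Checking ' "$1"; then
        echo "ERROR: no chkrootkit checks recorded in $1" >&2
        return 2
    fi
    n_chk=$(chkrootkit_findings "$1" | wc -l | tr -d ' ')
    n_rkh=$(rkhunter_findings "$2" | wc -l | tr -d ' ')
    echo "chkrootkit=$n_chk rkhunter=$n_rkh"
    [ "$n_chk" -eq 0 ] && [ "$n_rkh" -eq 0 ]
}

# Constructed sample output, not real scan results.
write_samples() {         # $1 = directory to write into
    cat > "$1/chkrootkit.out" <<'EOF'
Checking `amd'... not found
Checking `basename'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `lkm'... chkproc: nothing detected
EOF
    cat > "$1/rkhunter.out" <<'EOF'
Warning: Hidden directory found: /etc/.java
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
triage "$demo_dir/chkrootkit.out" "$demo_dir/rkhunter.out" || echo "triage status: $?"
chkrootkit_findings "$demo_dir/chkrootkit.out"
rkhunter_findings "$demo_dir/rkhunter.out"
rm -rf "$demo_dir"
```

Every line the script reports still needs manual verification, because both tools flag legitimate software as well as rootkits.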