diff options
Diffstat (limited to 'system/chkrootkit/README')
-rw-r--r-- | system/chkrootkit/README | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/system/chkrootkit/README b/system/chkrootkit/README index 31c9fa8506..0ea9bf08e8 100644 --- a/system/chkrootkit/README +++ b/system/chkrootkit/README @@ -1,16 +1,17 @@ -chkrootkit (Check Rootkit) is a common unix-based program intended to help -system administrators check their system for known rootkits. It is a shell -script using common UNIX/Linux tools like the strings and grep commands to -search core system programs for signatures and for comparing a traversal of the -/proc filesystem with the output of the ps (process status) command to look for -discrepancies. +chkrootkit (Check Rootkit) is a common unix-based program intended to +help system administrators check their system for known rootkits. It is +a shell script using common UNIX/Linux tools like the strings and grep +commands to search core system programs for signatures and for comparing +a traversal of the /proc filesystem with the output of the ps (process +status) command to look for discrepancies. -It can be used from a "rescue disc" (typically a LiveCD) or it can optionally -use an alternative directory from which to run all of its own commands. These -techniques allow chkrootkit to trust the commands upon which it depends a bit -more. +It can be used from a "rescue disc" (typically a LiveCD) or it can +optionally use an alternative directory from which to run all of its own +commands. These techniques allow chkrootkit to trust the commands upon +which it depends a bit more. -There are inherent limitations to the reliability of any program that attempts -to detect compromises (such as rootkits and computer viruses). Newer rootkits -may specifically attempt to detect and compromise copies of the chkrootkit -programs or take other measures to evade detection by them. +There are inherent limitations to the reliability of any program that +attempts to detect compromises (such as rootkits and computer viruses). +Newer rootkits may specifically attempt to detect and compromise copies +of the chkrootkit programs or take other measures to evade detection by +them. |