The new Rootkit Hunter version 1.3.0 is out! Given the timeframe between releases, the changelog is packed, listing 34 new features, 47 changes and 16 bugfixes.
Rootkit Hunter (RKH) is an easy-to-use tool which checks computers running UNIX (clones) for the presence of rootkits and other unwanted tools.
A rootkit is a hacker security tool that captures passwords and message traffic to and from a computer. It is a collection of tools that allows a hacker to provide a backdoor into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more. A rootkit is a classic example of Trojan horse software. Rootkits are available for a wide range of operating systems, including Microsoft Windows and Linux.
Some of the features of the new 1.3.0 version:
New command-line option '--propupd' replaces 'hashupd.sh'.
New command-line option '--pkgmgr' supporting RPM, Dpkg and BSD-style package managers.
New command-line option '--hash' to select the hash function command for the file hash value check and the properties update.
Added support for Ubuntu, and the 'dash' and 'ash' shells.
Added two new command-line and configuration file options, '--enable' and '--disable' to specify which tests are to be carried out and which are to be ignored.
Added support for Solaris 10 inetd mechanism (inetadm).
Application version numbers can now be whitelisted. This caters for those distributions that may patch a 'known bad' version, but without updating the original version number.
Download Rootkit Hunter from the project's website.