chkrootkit - Scan for Rootkits

This guide explains how to find rootkits, worms, and Loadable Kernel Modules (LKMs) using chkrootkit. First, install the chkrootkit package.

sudo apt-get -y install chkrootkit

Now run the following command to check for the presence of infected binaries.

sudo chkrootkit

The chkrootkit command checks for the following worms, rootkits and LKMs:

  • lrk3, lrk4, lrk5, lrk6 (and variants)
  • Solaris rootkit
  • FreeBSD rootkit
  • t0rn (and variants)
  • Ambient's Rootkit (ARK)
  • Ramen Worm
  • rh[67]-shaper
  • RSHA
  • Romanian rootkit
  • RK17
  • Lion Worm
  • Adore Worm
  • LPD Worm
  • kenny-rk
  • Adore LKM
  • ShitC Worm
  • Omega Worm
  • Wormkit Worm
  • Maniac-RK
  • dsc-rootkit
  • Ducoci rootkit
  • x.c Worm
  • RST.b trojan
  • duarawkz
  • knark LKM
  • Monkit
  • Hidrootkit
  • Bobkit
  • Pizdakit
  • t0rn v8.0
  • Showtee
  • Optickit
  • T.R.K
  • MithRa's Rootkit
  • George
  • SucKIT
  • Scalper
  • Slapper A, B, C and D
  • OpenBSD rk v1
  • Illogic rootkit
  • SK rootkit
  • sebek LKM
  • Romanian rootkit
  • LOC rootkit
  • shv4 rootkit
  • Aquatica rootkit
  • ZK rootkit
  • 55808.A Worm
  • TC2 Worm
  • Volc rootkit
  • Gold2 rootkit
  • Anonoying rootkit
  • Shkit rootkit
  • AjaKit rootkit
  • zaRwT rootkit
  • Madalin rootkit
  • Fu rootkit
  • Kenga3 rootkit
  • ESRK rootkit
  • rootedoor rootkit
  • Enye LKM
  • Lupper.Worm
  • shv5
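
A full chkrootkit run prints one line per check, most of them reading "not infected", so the few lines that need review are easy to miss. The following is an added example, not part of the original post or of chkrootkit itself: a small filter that keeps only the lines that look like findings. The function names (chk_findings, chk_count, sample_report) are hypothetical, the sample report is constructed, and the marker words it matches (INFECTED, Warning, Possible) are an assumption about the output format.

```shell
#!/bin/sh
# Added example: triage filter for chkrootkit output (not part of chkrootkit).
# Assumption: findings carry the words INFECTED, "Warning" or "Possible",
# as in the constructed sample below. Clean checks read "not infected"
# (lower case), so the case-sensitive INFECTED match skips them.

# Read chkrootkit output on stdin and print only the lines that need review.
chk_findings() {
    # grep exits 1 when nothing matches; a clean report is not an error.
    grep -E 'INFECTED|[Ww]arning|[Pp]ossible' || true
}

# Print the number of findings in a saved report file ($1).
chk_count() {
    chk_findings < "$1" | wc -l | tr -d ' '
}

# Constructed sample output, so the demo runs without chkrootkit installed.
sample_report() {
    cat <<'EOF'
ROOTDIR is `/'
Checking `basename'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `ls'... not infected
Warning: Possible Showtee Rootkit installed
Checking `lkm'... chkproc: nothing detected
EOF
}

# Demo on the constructed sample. On a real host the equivalent is:
#   sudo chkrootkit | chk_findings
sample_report | chk_findings
```

Every line the filter prints is a lead to investigate by hand, not a confirmed compromise.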

Comments

Anonymous said…
I type chkrootkit. It says it detects a possible trojan. Can it clean as well?
vamsee said…
No, it's just an early warning system.
Anonymous said…
The name of the command as well as of the package is chkrootkit not chkroot
