[SLE] rkhunter-1.1.9-1.ps.noarch.rpm available

From: Patrick Shanahan (ptilopteri_at_gmail.com)
Date: 12/28/04

  • Next message: Terence McCarthy: "Re: [SLE] rkhunter-1.1.9-1.ps.noarch.rpm available"
    Date: Tue, 28 Dec 2004 15:23:07 -0500
    To: SLE <suse-linux-e@suse.com>
    
    

    rkhunter-1.1.9-1.ps.noarch.rpm is available for download:
      http://wahoo.no-ip.org/~pat/rkhunter-1.1.9-1.ps.noarch.rpm
      
    Rootkit Hunter scans files and systems for known and unknown rootkits,
    backdoors, and sniffers. The package contains one shell script, a few
    text-based databases, and optional Perl modules. It should run on
    almost every Unix clone.

    This release contains support for RH-Sharpe's rootkit and the SHV5
    rootkit, a special test for tripwire, metalog (syslog), and support
    for many new distributions. Many MD5 hashes have been added to the
    database, and some code/documentation cleanup has been performed.

    Description

        Rootkit scanner is scanning tool to ensure you for about 99.9%*
        you're clean of nasty tools. This tool scans for rootkits, backdoors
        and local exploits by running tests like:

        - MD5 hash compare
        - Look for default files used by rootkits
        - Wrong file permissions for binaries
        - Look for suspected strings in LKM and KLD modules
        - Look for hidden files
        - Optional scan within plaintext and binary files
                            
        Rootkit Hunter is released as GPL licensed project and free for
        everyone to use.

        * No, not really 99.9%.. It's just another security layer
        
        
     * 1.1.9 (28/12/2004)
                                                     
    New:
     - Added RH-Sharpe's rootkit (rootkit)
     - Added SHV5 rootkit (rootkit)
     - Added special test for tripwire
     - Added support for metalog (syslog daemon)
     - Added support for ALTLinux 2.2 and 2.4
     - Added support for CentOS 3.3
     - Added support for Gentoo 1.6
     - Added support for FreeBSD 4.10 (alpha platform)
     - Added support for SuSE SLES8. Thanks to Mario Lenz
     - Added support for SuSE 9.2 (i586)
     - Added support for Fedora Core 3
     - Added support for Red Hat Enterprise Linux ES/WS release 4
     - Added hashes for Fedora Core 3. Thanks to Steph
     - Official port is now available for ALTLinux
     - Change text when an old software package has been found. This will
       happen with backporting operating systems (Red Hat, Fedora etc)
                                                             

    Changes:
     - Improved logging for lsof test
     - Updated hashes for Fedora Core 1
     - Updated hashes for Debian woody
     - Updated hashes for Red Hat Enterprise Linux ES/WS release 3
     - Updated hashes for Slackware 9
     - Updated hashes for Slackware 10
     - Updated hashes for SuSE 9.1
     - Updated wishlist/todo, updated readme and manpage.
     - Code cleanup (added more remarks, cleanup of old/buggy things)..
     - Improved logging
                                                     
    Bugfixes:
     - Changed binary search path due typo. Thanks to Bertrand

    author: Michael Boelen <michael@rootkit.nl>
    http://www.rootkit.nl

    -- 
    Patrick Shanahan                        Registered Linux User #207535
    http://wahoo.no-ip.org                        @ http://counter.li.org
    HOG # US1244711           Photo Album:  http://wahoo.no-ip.org/photos
    -- 
    Check the headers for your unsubscription address
    For additional commands send e-mail to suse-linux-e-help@suse.com
    Also check the archives at http://lists.suse.com
    Please read the FAQs: suse-linux-e-faq@suse.com
    

  • Next message: Terence McCarthy: "Re: [SLE] rkhunter-1.1.9-1.ps.noarch.rpm available"

    Relevant Pages

    • RE: Release of Rootkit Hunter 1.0.0
      ... There are some free windows rootkit detectors... ... > support for rootkits, new 3rd party support, extra program parameters, ...
      (Focus-IDS)
    • Re: Solaris 10 - Rootkit detection
      ... You can boot from known-good media, create hashes of your ... I am working on Rootkit Detection on Solaris 10 OS on Spaarc. ... Securing Apache Web Server with thawte Digital Certificate ...
      (Security-Basics)