*chkrootkit Installation Procedure [#f060b9b0]
#contents

**What is chkrootkit [#h127d173]
chkrootkit is a tool for detecting rootkits, which are cracking tools.~
In addition to ordinary rootkits, it can also detect LKM rootkits, which run as LKMs (Loadable Kernel Modules).~

**Distribution Source [#z6028280]
-chkrootkit distribution site~
http://www.chkrootkit.org/

-chkrootkit download location~
ftp://ftp.pangeia.com.br/pub/seg/pac/

**Installation Steps [#i65c8902]

-Download and extract the tarball.
 wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
 tar xfvz chkrootkit.tar.gz
 cd ./chkrootkit-0.42

-Compile the source.
 make sense

**Usage [#x58955b2]
Run the following to scan for rootkits.~

 ./chkrootkit

After it runs, output like the following is produced.

 # ./chkrootkit
 ROOTDIR is `/'
 Checking `amd'... not found
 Checking `basename'... not infected
 Checking `biff'... not found
 Checking `chfn'... not infected
 Checking `chsh'... not infected
 Checking `cron'... not infected
 Checking `date'... not infected
 Checking `du'... not infected
 Checking `dirname'... not infected
 Checking `echo'... not infected
 Checking `egrep'... not infected
 Checking `env'... not infected
 Checking `find'... not infected
 Checking `fingerd'... not found
 Checking `gpm'... not infected
 Checking `grep'... not infected
 Checking `hdparm'... not infected
 Checking `su'... not infected
 Checking `ifconfig'... not infected
 Checking `inetd'... not tested
 Checking `inetdconf'... not found
 Checking `identd'... not found
 Checking `init'... not infected
 Checking `killall'... not infected
 Checking `ldsopreload'... not infected
 Checking `login'... not infected
 Checking `ls'... not infected
 Checking `lsof'... not infected
 Checking `mail'... not infected
 Checking `mingetty'... not infected
 Checking `netstat'... not infected
 Checking `named'... not infected
 Checking `passwd'... not infected
 Checking `pidof'... not infected
 Checking `pop2'... not found
 Checking `pop3'... not found
 Checking `ps'... not infected
 Checking `pstree'... not infected
 Checking `rpcinfo'... not infected
 Checking `rlogind'... not found
 Checking `rshd'... not found
 Checking `slogin'... not infected
 Checking `sendmail'... not infected
 Checking `sshd'... not infected
 Checking `syslogd'... not infected
 Checking `tar'... not infected
 Checking `tcpd'... not infected
 Checking `tcpdump'... not infected
 Checking `top'... not infected
 Checking `telnetd'... not found
 Checking `timed'... not found
 Checking `traceroute'... not infected
 Checking `vdir'... not infected
 Checking `w'... not infected
 Checking `write'... not infected
 Checking `aliens'... no suspect files
 Searching for sniffer's logs, it may take a while... nothing found
 Searching for HiDrootkit's default dir... nothing found
 Searching for t0rn's default files and dirs... nothing found
 Searching for t0rn's v8 defaults... nothing found
 Searching for Lion Worm default files and dirs... nothing found
 Searching for RSHA's default files and dir... nothing found
 Searching for RH-Sharpe's default files... nothing found
 Searching for Ambient's rootkit (ark) default files and dirs... nothing found
 Searching for suspicious files and dirs, it may take a while...
 /usr/lib/perl5/5.8.0/i386-linux-thread-multi/.packlist 
 
 Searching for LPD Worm files and dirs... nothing found
 Searching for Ramen Worm files and dirs... nothing found
 Searching for Maniac files and dirs... nothing found
 Searching for RK17 files and dirs... nothing found
 Searching for Ducoci rootkit... nothing found
 Searching for Adore Worm... nothing found
 Searching for ShitC Worm... nothing found
 Searching for Omega Worm... nothing found
 Searching for Sadmind/IIS Worm... nothing found
 Searching for MonKit... nothing found
 Searching for Showtee... nothing found
 Searching for OpticKit... nothing found
 Searching for T.R.K... nothing found
 Searching for Mithra... nothing found
 Searching for LOC rootkit ... nothing found
 Searching for Romanian rootkit ... nothing found
 Searching for HKRK rootkit ... nothing found
 Searching for Suckit rootkit ... nothing found
 Searching for Volc rootkit ... nothing found
 Searching for Gold2 rootkit ... nothing found
 Searching for TC2 Worm default files and dirs... nothing found
 Searching for Anonoying rootkit default files and dirs... nothing found
 Searching for ZK rootkit default files and dirs... nothing found
 Searching for ShKit rootkit default files and dirs... nothing found
 Searching for anomalies in shell history files... nothing found
 Checking `asp'... not infected
 Checking `bindshell'... not infected
 Checking `lkm'... nothing detected
 Checking `rexedcs'... not found
 Checking `sniffer'... Checking `w55808'... not infected
 Checking `wted'... nothing deleted
 Checking `scalper'... not infected
 Checking `slapper'... not infected
 Checking `z2'... nothing deleted
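
Output this long is easy to skim past, so the following added example (not part of the original page or of chkrootkit) filters a run down to the lines that need review. The function names chkrootkit_findings and sample_output are hypothetical, and the sample input is constructed from the output above plus one constructed INFECTED line.

```shell
#!/bin/sh
# Added example (not part of chkrootkit): reduce a chkrootkit run to the
# lines that need a human look. Function names are hypothetical.

# Reads chkrootkit output on stdin, prints "REVIEW: ..." lines,
# and returns 1 if anything was flagged, 0 if every line was clean.
chkrootkit_findings() {
    awk '
        # Blank lines and the banner carry no result.
        /^[ \t]*$/ || /^ROOTDIR is / { next }
        # Statuses from the sample output that mean clean or not applicable.
        /(not infected|not found|not tested|nothing found|nothing detected|nothing deleted|no suspect files)[ \t]*$/ { next }
        # A "Searching for ..." line with no status heads a list of paths.
        /^Searching for .*\.\.\.[ \t]*$/ { section = $0; next }
        # Any other Checking/Searching line has an unexpected status.
        /^(Checking|Searching) / { print "REVIEW: " $0; n++; next }
        # Bare lines (usually paths) belong to the last list header.
        { print "REVIEW: " $0 " (listed under: " section ")"; n++ }
        END { exit (n > 0) }
    '
}

# Constructed sample: lines taken from the output above, plus one
# constructed INFECTED line to show a positive result.
sample_output() {
    cat <<'EOF'
ROOTDIR is `/'
Checking `amd'... not found
Checking `ls'... INFECTED
Checking `ps'... not infected
Searching for sniffer's logs, it may take a while... nothing found
Searching for suspicious files and dirs, it may take a while...
/usr/lib/perl5/5.8.0/i386-linux-thread-multi/.packlist

Searching for LPD Worm files and dirs... nothing found
Checking `lkm'... nothing detected
EOF
}

sample_output | chkrootkit_findings || echo "-> review the lines above"
```

The list of clean statuses is taken only from the sample output on this page, so a status that does not appear there is flagged for review rather than silently dropped.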


