chkrootkit(1) General Commands Manual chkrootkit(1)
NAME
chkrootkit - Determine whether the system is infected with a rootkit
SYNOPSIS
chkrootkit [OPTION]... [TESTNAME]...
DESCRIPTION
chkrootkit examines certain elements of the target system and determines whether they have been tampered with. Some tools which chkrootkit
applies while analyzing binaries and log files can be found at /usr/lib/chkrootkit.
OPTIONS
-h Print a short help message and exit.
-V Print version information and exit.
-l Print available tests.
-d Enter debug mode.
-x Enter expert mode.
-e Exclude known false positive files/dirs, quoted, space separated.
-q Enter quiet mode.
-r dir Use dir as the root directory.
-p dir1:dir2:dirN
Specify the path for the external commands used by chkrootkit.
-n Skip NFS mounted dirs.
AUTHOR
Manual page written by Yotam Rubin <yotam@makif.omer.k12.il> and lantz moore <lmoore@debian.org> for the Debian project. It may be used by
others.
SEE ALSO
strings(1)
10 January 2003 chkrootkit(1)
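When -r points chkrootkit at a mounted filesystem, -p tells it where to find the external commands it should use. The sketch below is an added example, not part of chkrootkit or this manual page: it builds such a command line only after checking that every tool directory is absolute, resolves outside the suspect root and is not writable by group or others. The function names, the checks chosen and the sample paths are assumptions.

```shell
#!/bin/sh
# Added example: wrapper names, policy and sample paths are assumptions.

# Succeeds if $1 is an absolute, existing directory that resolves outside
# the suspect root $2 and is not writable by group or others.
trusted_dir_ok() {
    dir=$1 root=$2
    case $dir in /*) ;; *) return 1 ;; esac
    # Refuse ':' (the -p separator), whitespace and shell metacharacters.
    case $dir in *[!A-Za-z0-9/._-]*) return 1 ;; esac
    [ -d "$dir" ] || return 1
    real=$(cd "$dir" && pwd -P) || return 1
    rroot=$(cd "$root" && pwd -P) || return 1
    if [ "$rroot" != / ]; then
        # A tool directory inside the tree under examination is not trusted.
        case $real/ in "$rroot"/*) return 1 ;; esac
    fi
    # find prints the directory only if a group or other write bit is set.
    loose=$(find "$real" -prune \( -perm -020 -o -perm -002 \) -print)
    [ -z "$loose" ]
}

# usage: build_chkrootkit_cmd SUSPECT_ROOT TRUSTED_DIR...
# Prints the command line on stdout; returns 1 if any check fails.
build_chkrootkit_cmd() {
    suspect=$1
    [ $# -ge 2 ] && [ -d "$suspect" ] || return 1
    case $suspect in *[!A-Za-z0-9/._-]*) return 1 ;; esac
    shift
    path=
    for d in "$@"; do
        if ! trusted_dir_ok "$d" "$suspect"; then
            echo "rejected tool directory: $d" >&2
            return 1
        fi
        path=${path:+$path:}$d
    done
    # -q quiet mode, -r root directory, -p path for external commands
    printf 'chkrootkit -q -r %s -p %s\n' "$suspect" "$path"
}

# Example call (constructed paths):
#   build_chkrootkit_cmd /mnt/suspect /media/trusted/bin /media/trusted/sbin
```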
UPDATEDB(1L) UPDATEDB(1L)
NAME
updatedb - update the slocate database
SYNOPSIS
updatedb [-u] [-U path] [-e path1,path2,...] [-f fstype1,...] [-l [01]] [-q] [-v, --verbose] [-V, --version] [-h, --help] pattern...
DESCRIPTION
This manual page documents slocate, a security-enhanced version of locate. updatedb is simply a link to slocate that implies the -u
option.
OPTIONS
-u Create slocate database starting at the root directory. This is the default behavior when called as updatedb.
-U path
Create slocate database starting at path path.
-e dirs
Exclude directories in the comma-separated list dirs from the slocate database.
-f fstypes
Exclude file systems in the comma-separated list fstypes from the slocate database.
-l <num>
Security level. -l 0 turns security checks off, which will make searches faster. -l 1 turns security checks on. This is the
default.
-q Quiet mode; error messages are suppressed.
-v Verbose mode; display files indexed when creating database.
--help Print a summary of the options to slocate and exit.
--version
Print the version number of slocate and exit.
ENVIRONMENT
SEE ALSO
locate(1L),
UPDATEDB(1L)