Questions about rootkits. What are signs that you got one? How to confirm or disprove the suspicion. Tools for the detection of rootkits.
Questions tagged [rootkit]
57 questions
3
votes
2 answers
chrootkit suspicious files and directory detected
I made a chrootkit scan.And it found something,it doesnt say any recommendations on the detection of the files or directories.
Any suggestions?
results are:
The following suspicious files and directories were found:
/usr/lib/debug/.build-id…
obo
- 159
2
votes
1 answer
Does Aide compare against repo versions or only against my own files?
Is there any point in installing Aide on a long-installed machine? or is it only trustworthy if installed immediately after a fresh install or run from thumb drive?
Background:
A non-techy friend has a laptop that I help him stay in business with. …
Martin Moops
- 121
2
votes
2 answers
Detecting rootkit without another computer
If a rootkit has been installed without my knowledge to remotely control the computer then I guess the Update manager should be affected too right, then the kernel updates etc... could be infected ones?
Is there a way to verify if a rootkit has been…
Sum1
- 31
2
votes
2 answers
Rootkit scanner with graphical feedback or GUI
There are some rootkitscanners for linux, for example:
chkrootkit
rkhunter
But How would I get notified on a desktop?
Is it possible to get an alert, if the scanner found something?
rubo77
- 32,486
2
votes
0 answers
/etc/thnuclnt/.thnumod - what is that file for?
~ > sudo find / -user root -perm -4000 -ls
710826 44 -rwsr-xr-- 1 root messagebus 42500 Окт 3 22:31 /lib/dbus-1.0/dbus-daemon-launch-helper
658951 464 -rwsr-xr-x 1 root root 472124 Июл 28 2011…
zuba
- 2,393