| manual:
|
DESCRIPTION
rootkitwr is a simple chkrootkit wrapper designed to run at regular intervals as
a cronjob or at boot time. Chkrootkit is a tool designed to detect rootkits
on Unix systems. It can be downloaded from www.chkrootkit.org. This wrapper
sends alert mail to a specified user and displays a security alert message
if a rootkit has been found.
Before running the script, edit the User defined variables section at the
beginning of the script.
To improve security, all tools (grep, mail, chkrootkit..) and the script
itself should be put on a media that can be write protected like a
floppy. This will make tampering with the script and the tools
it uses impossible - unless physicall access is gained. Make sure that the
tools you will put on the media have not been compromised already. Get them
from a safe source like your install CD or a trusted site.
NOTE
This script must be run as root.
|
