Karl Larsen wrote:
I put rootkit in Google and learned they are mainly aimed at Windows. I know Windows from about XP have a kernel but it really does little. The rootkit designs I saw were aimed at the kernel for some reason. No where could I find mention of a Linux rootkit.
FWIW, I been running rkhunter on Unix and Linux systems for several years, on a regular basis. I also occasionally run chkrootkit, but I like rkhunter better. It checks for more than 100 rootkits and trojans <http://www.rootkit.nl/projects/rootkit_hunter.html> And it checks md5 values for a number of files, in the easiest case against the rpm db. e.g. rkhunter -c --pkgmgr rpm Regards, Doug Wyatt
