rkhunter (for Rootkit Hunter ) is a program Unix which makes it possible to detect the Rootkit S, Backdoor S and exploit S. For that, it compares the Hash MD5 of the important files with the known hash, which are accessible starting from a database on line. Thus, it can detect the repertories generally used by the abnormal rootkit, permissions, the hidden files, the suspect chains in the kernel and can carry out tests specific to Linux and FreeBSD.
Let us recall however that in 2004, Chinese researchers, Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu, showed that one could create files distinct of the same signature MD5 because of a mathematical property of invariance from this process.
site Rootkit Hunter
|Random links:||Ctenodactylidae | Pascal Cherki | Isaias Duarte Cancino | Chisholm clan | Robson mount | Parc_national_de_Werrikimbe|