Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

chkrootkit - lion tamer

From: Talisker <Talisker () NETWORKINTRUSION CO UK>
Date: Mon, 26 Mar 2001 21:18:43 +0100
<moderator - feel free to delete anything you don't like>

Nelson Murilo has once again updated chkrootkit to v3, this time to detect
lion
http://www.chkrootkit.org

<snip>
The following rootkits and worms are currently detected:
lrk3, lrk4, lrk5, lrk6 (and some variants);
Solaris rootkit;
FreeBSD rootkit;
t0rn (including latest variant);
Ambient's Rootkit for Linux (ARK);
Ramen Worm;
rh[67]-shaper;
RSHA;
Romanian rootkit;
RK17;
Lion Worm.
New tests:
basename, dirname, traceroute, rpcinfo, rexedcs, date, echo, env, timed,
identd, pop2, pop3, write, tar, mail, biff, grep.
RK17 detection;
Lion Worm detection.
</snip>

a bit about lion http://www.sans.org/y2k/lion.htm

Thanks Nelson!

Andy
http://www.networkintrusion.co.uk
Talisker's Network Security Tools List

Security Tools Notification
http://groups.yahoo.com/group/security-tools/join
Previous By Date Next
Previous By Thread Next

Current thread: