IDS mailing list archives

RootCheck - 0.4


From: Daniel Cid <danielcid () yahoo com br>
Date: Fri, 5 Dec 2003 14:45:32 -0300 (ART)

A new version of RootCheck (0.4) is available.
It now supports reports in HTML format and detects
some more problems.
The rootkit page was updated too, with a few more
rootkits documented and more links.

Link: http://www.ossec.net/rootcheck/

Download:
http://www.ossec.net/rootcheck/files/rootcheck-0.4.tar.gz

"
RootCheck is Open Source software that scans the whole
system looking for possible problems. The result of the
scan can be sent to an e-mail and you can choose between
the HTML or text format.
In this version, RootCheck executes these "checks":

Check the binaries for trojans
Check for hidden/malicious open ports (used to find LKM rootkits too)
Check the network interfaces and the "ifconfig"
Check the passwd files
Check the configuration files (httpd.conf, inetd.conf, xinetd.conf, sshd_config, sudoers and exports)
Check the log files for possible problems (log file deleted, linked to /dev/null, etc)
Check /proc and ps for hidden processes (used to discover LKM rootkits)
Check for public rootkits
Check the /dev directory
Check the whole system for malicious files/directories and bad permissions
"
