RE: Release of Rootkit Hunter 1.0.0

From: [BacK] (back_at_haxorcitos.com)
Date: 03/24/04

  • Next message: Mike Parkhurst: "Re: Release of Rootkit Hunter 1.0.0"
    To: <focus-ids@securityfocus.com>
    Date: Wed, 24 Mar 2004 22:51:55 +0100
    
    

    There are some free windows rootkit detectors...
    U can get it one on http://www.haxorcitos.com/ficheros/RKDetectorv0.62.zip
    Coded by aT4r.

    There're some usefull tools in that web, so I recommend u to test'em

    Best regards.

    Back[at]haxorcitos[dot]com

    -----Mensaje original-----
    De: Mike Parkhurst [mailto:myname17@bellsouth.net]
    Enviado el: lunes, 22 de marzo de 2004 22:30
    Para: M. Boelen
    CC: focus-ids@securityfocus.com
    Asunto: Re: Release of Rootkit Hunter 1.0.0

    That's a cool project. Does anyone know if there is a similar project
    for Windows systems?

    Thanks,
    Mike

    M. Boelen wrote:

    > Hi,
    >
    > After three RC's (release candidates), a lot of bug hunting and a lot
    > of 'Big thanks'
    > I'm proud to present you a new release of Rootkit Hunter. This release
    > incorporates extra support for a operating systems like AIX, improved
    > support for rootkits, new 3rd party support, extra program parameters,
    > better
    > logging support and code cleanups.
    >
    > Of course I want to thank all of you who tested previous releases,
    > send comments
    > or helped me by giving extra (code) tips to improve this release!
    >
    > Project page:
    > http://www.rootkit.nl/projects/rootkit_hunter.html
    >
    > Download location:
    > http://downloads.rootkit.nl/rkhunter-1.00.tar.gz
    >
    > Project description:
    > Scanner for detection of known and unknown rootkits, backdoors and
    > sniffers. See features below for more information.
    >
    > System requirements: UNIX (clone), BASH shell, Perl (optional)
    > Audience: System administrators, IT security experts
    >
    > Extended information:
    > -----------------------
    > Some features:
    > - 'Known good' hash compare
    > - Default file location scan
    > - Hidden files scan
    > - OpenSSH configuration check
    > - Colored layout
    > - Support for cronjobs
    >
    > Rootkit Hunter has been tested (and/or confirmed to work) on Red Hat
    > (normal and Advanced Server), Slackware, Fedora, SuSE, Gentoo,
    > Debian, Mandrake, FreeBSD (4.x and 5.x), AIX, OpenBSD and others.
    >
    > Support for NetBSD and Solaris is in development stage.
    >
    > Known issues:
    > - Not all Fedora core 1 hashes are updated (but will be happen soon)
    > - manpage not yet available (although it's already finished)
    > - Installation uses preconfigured (static) file paths
    >
    > -----------------------
    >
    > Want to get notified when new releases are available? Subscribe
    > to the Freshmeat Project page (http://freshmeat.net/projects/rkhunter)
    >
    > Have some questions (or comments)? Fill in the contact form at
    > http://www.rootkit.nl.
    >
    > Best regards,
    >
    > Michael
    > Rootkit.nl
    >
    > p.s. this message is cross posted to several (security ) related
    > mailinglists.
    > If you get this message a few times, you have been subscribed to the same
    > mailinglists as I am. In this case, sorry for the multiple messages. No
    > spamming was intended =)
    >
    >
    ---------------------------------------------------------------------------
    >
    > Test your IDS
    >
    > Is your IDS deployed correctly?
    > Find out by easily testing it with real-world attacks from CORE IMPACT.
    >
    > Visit: www.coresecurity.com/promos/sf_eids1 to learn more.
    >
    ---------------------------------------------------------------------------
    >
    >
    >

    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------


  • Next message: Mike Parkhurst: "Re: Release of Rootkit Hunter 1.0.0"