RE: Release of Rootkit Hunter 1.0.0
From: [BacK] (back_at_haxorcitos.com)
Date: 03/24/04
- Previous message: David Chapdelaine: "Re: Correlation software"
- In reply to: Mike Parkhurst: "Re: Release of Rootkit Hunter 1.0.0"
- Next in thread: Oscar Gallego Sendín: "Re: Release of Rootkit Hunter 1.0.0"
To: <focus-ids@securityfocus.com>
Date: Wed, 24 Mar 2004 22:51:55 +0100
There are some free Windows rootkit detectors...
You can get one at http://www.haxorcitos.com/ficheros/RKDetectorv0.62.zip
Coded by aT4r.
There are some useful tools on that website, so I recommend you test them.
Best regards.
Back[at]haxorcitos[dot]com
-----Original Message-----
From: Mike Parkhurst [mailto:myname17@bellsouth.net]
Sent: Monday, March 22, 2004 22:30
To: M. Boelen
CC: focus-ids@securityfocus.com
Subject: Re: Release of Rootkit Hunter 1.0.0
That's a cool project. Does anyone know if there is a similar project
for Windows systems?
Thanks,
Mike
M. Boelen wrote:
> Hi,
>
> After three RC's (release candidates), a lot of bug hunting and a lot of
> 'Big thanks' I'm proud to present you a new release of Rootkit Hunter. This
> release incorporates extra support for operating systems like AIX, improved
> support for rootkits, new 3rd party support, extra program parameters,
> better logging support and code cleanups.
>
> Of course I want to thank all of you who tested previous releases, sent
> comments or helped me by giving extra (code) tips to improve this release!
>
> Project page:
> http://www.rootkit.nl/projects/rootkit_hunter.html
>
> Download location:
> http://downloads.rootkit.nl/rkhunter-1.00.tar.gz
>
> Project description:
> Scanner for detection of known and unknown rootkits, backdoors and
> sniffers. See features below for more information.
>
> System requirements: UNIX (clone), BASH shell, Perl (optional)
> Audience: System administrators, IT security experts
>
> Extended information:
> -----------------------
> Some features:
> - 'Known good' hash compare
> - Default file location scan
> - Hidden files scan
> - OpenSSH configuration check
> - Colored layout
> - Support for cronjobs
>
> Rootkit Hunter has been tested (and/or confirmed to work) on Red Hat
> (normal and Advanced Server), Slackware, Fedora, SuSE, Gentoo,
> Debian, Mandrake, FreeBSD (4.x and 5.x), AIX, OpenBSD and others.
>
> Support for NetBSD and Solaris is in development stage.
>
> Known issues:
> - Not all Fedora Core 1 hashes are updated (but will happen soon)
> - manpage not yet available (although it's already finished)
> - Installation uses preconfigured (static) file paths
>
> -----------------------
>
> Want to get notified when new releases are available? Subscribe
> to the Freshmeat Project page (http://freshmeat.net/projects/rkhunter)
>
> Have some questions (or comments)? Fill in the contact form at
> http://www.rootkit.nl.
>
> Best regards,
>
> Michael
> Rootkit.nl
>
> p.s. this message is cross posted to several (security) related
> mailing lists. If you get this message a few times, you have been
> subscribed to the same mailing lists as I am. In this case, sorry for the
> multiple messages. No spamming was intended =)