Re: How to build CD with chkrootkit on it?

From: Axel Beckert - ecos gmbh (beckert@ecos.de)
Date: 01/15/03

Next message: Patrick Morris: "Re: How to build CD with chkrootkit on it?"

Previous message: Hugo van der Kooij: "Re: How to build CD with chkrootkit on it?"
In reply to: Steve Wampler: "How to build CD with chkrootkit on it?"
Next in thread: Patrick Morris: "Re: How to build CD with chkrootkit on it?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 15 Jan 2003 20:10:32 +0100
From: Axel Beckert - ecos gmbh <beckert@ecos.de>
To: Steve Wampler <sbw@tapestry.tucson.az.us>

Hi!

Am Sat, Jan 11, 2003 at 04:01:20PM -0700, Steve Wampler schrieb:
> I'm trying to build a CD that has all the binaries and libraries
> needed to run chkrootkit on it (so I can be more confident that
> I'm running good binaries when checking possibly compromized
> systems...).

It's not exactly what you asked for, but it should give you
another solution for the situation in general:

Have a look the (Debian based) Knoppix Linux Live On CD. It has
chkrootkit included and you have a bunch of other standard or useful
linux tools (about 1.7 GB on one CD) and a very impressive automagical
hardware detection, so you don't have to rely on any file on the
possibly compromised system. It also includes everything you need to
make a backup copy of the compromised system for documentation.

See http://www.knopper.net/knoppix/index-en.html for details and
download.

HTH

Kind regards, Axel Beckert

-- 
-------------------------------------------------------------
Axel Beckert      ecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting
Post:       Tulpenstrasse 5         D-55276 Dienheim b. Mainz
E-Mail:     beckert@ecos.de         Voice:    +49 6133 926530
WWW:        http://www.ecos.de/     Fax:      +49 6133 925152
-------------------------------------------------------------

Next message: Patrick Morris: "Re: How to build CD with chkrootkit on it?"
Previous message: Hugo van der Kooij: "Re: How to build CD with chkrootkit on it?"
In reply to: Steve Wampler: "How to build CD with chkrootkit on it?"
Next in thread: Patrick Morris: "Re: How to build CD with chkrootkit on it?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

How to build CD with chkrootkit on it?
... I'm trying to build a CD that has all the binaries and libraries ... needed to run chkrootkit on it (so I can be more confident that ...
(Focus-Linux)
Checking for rootkits
... started using chkrootkit, a utility that checks ... for rootkits on your Linux/BSD/Solaris install. ... Copy the binaries to a standard system bin ... we want to modify the md5 ...
(Incidents)
Checking for rootkits
... started using chkrootkit, a utility that checks ... for rootkits on your Linux/BSD/Solaris install. ... Copy the binaries to a standard system bin ... we want to modify the md5 ...
(Security-Basics)
Re: How to build CD with chkrootkit on it?
... Steve Wampler wrote: ... >I'm trying to build a CD that has all the binaries and libraries ... Else try chrooting chkrootkit and keep adding libraries until you ...
(Focus-Linux)
chfn, date, chsh INFECTED according to chkrootkit
... right now chkrootkit is giving alot of false ... binaries, removed /usr/src and did a 'make world' to ... But, chfn, cfsh, and date are stilling showing as ... New and Improved Yahoo! ...
(FreeBSD-Security)