Checking for Rootkits

Attackers install rootkits on a machine to gain root access, while its presence is hidden from the real administrator of the server. A tool that can help you to detect rootkits on your machine is chkrootkit.
You can download this from :

ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

To install chkrootkit, you need to compile the code that you have just downloaded. Extract the downloaded tar file and change to the extracted directory, as shown below:

# tar -xvf chkrootkit.tar.gz

# cd chkrootkit-0.49/


Now compile the code by running the following command:

# make sense

After successfully compiling, the tool is ready to be used. To check for rootkits, simply run chkrootkit as the root user:

# ./chkrootkit