Linux, Rootkits

Check for rootkit presence

Rootkit: “A rootkit is a stealthy type of malicious software designed to hide the existence of certain processes or programs from normal methods of detection and enables continued privileged access to a computer.” – Wikipedia

A great tool to check for rootkit presence is chkrootkit.

Chkrootkit scans locally for signs of a rootkit.

To install chkrootkit (for Ubuntu users):

sudo apt-get install chkrootkit

To run chkrootkit, issue the following command:

sudo chkrootkit
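
An added example (not from the original post or the chkrootkit project): a small shell wrapper that keeps the full report in a log and surfaces only the lines chkrootkit marks INFECTED or Vulnerable. The function names, the log path and the sample report are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: triage chkrootkit output. Function names are hypothetical.

# Print only the report lines that need review; return 1 if there are any.
# chkrootkit marks clean checks "not infected" (lower case), so the match on
# upper-case INFECTED is case-sensitive on purpose.
flag_findings() {
    findings=$(grep -E 'INFECTED|Vulnerable' || true)
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Real scan: keep the full report in a log and show only the flagged lines.
# LOG is an assumed path; change it to suit the host.
run_scan() {
    LOG=${LOG:-/var/log/chkrootkit.log}
    sudo chkrootkit 2>&1 | sudo tee "$LOG" | flag_findings
}

# Constructed sample report (not output from a real host).
sample_report() {
    cat <<'EOF'
Checking `amd'... not found
Checking `ifconfig'... not infected
Checking `ls'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `sniffer'... lo: not promisc and no packet sniffer sockets
EOF
}

# Demo on the sample; call run_scan instead to scan this machine.
if sample_report | flag_findings; then
    echo "no findings"
else
    echo "findings above need manual verification"
fi
```

A flagged line is a lead to verify, not a verdict: chkrootkit can report INFECTED for a legitimate service, so confirm each hit against the full log before acting on it.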