Rootkit Hunter v1.3.4 in the wild

Rootkit scanner is scanning tool to ensure you for about 99.9%* you’re clean of nasty tools. This tool scans for rootkits, backdoors and local exploits

The change log lists 4 additions, 8 changes and 9 bugfixes.Naming a few:

  • Added IntoXonia
  • NG rootkit check.
  • Added Phalanx2 rootkit check
  • Added support for TCB shadow files.
  • The ’—propupd’ option can now take an optional file, directory or package name after it.
  • Revised file properties inode check.
  • Tests against the SSH configuration file now accept the key/value pair.
  • Improved the O/S name detection.
  • The Linux ’os_specific’ test has now been split into two separate tests.
  • Improved ALLOWPROCDELFILE configuration option.
  • Improved hidden files and directories check.
  • The DBDIR directory can now be read-only, after installation.
  • Improved debug file option.
  • The system startup file and directory tests have now been merged.Thanks to John Horne and all contributors who made this release possible by providing code, submitting ideas, bugs, fixes, documentation, helping out on the rkhunter-users mailing list and promoting Rootkit Hunter.