linux侵入検出ツール
chkrootkit
RKHunter
yum -y install gcc gcc-c++ glibc-static
http://www.chkrootkit.org/download/
(平文 HTTP での取得になるため、展開・ビルドの前に、配布元が公開しているチェックサムや署名があれば照合する)
tar zxf chkrootkit.tar.gz
cd chkrootkit-*
make sense
chkrootkit -h
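-h ヘルプを表示して終了
-V バージョン情報を表示して終了
-l 利用可能なテストの一覧を表示して終了
-d debug(デバッグモード)
-q quiet(出力を抑えるモード)
-x expert(エキスパートモード)
-r dir dir をルートディレクトリとして検査する
-p dir1:dir2:dirN chkrootkit が使う外部コマンドの検索パス(侵害が疑われるホストでは、読み取り専用メディアなどに置いた信頼できるバイナリを指定する)
-n NFS マウントされたディレクトリを検査しない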
chkrootkit
RKHunter
https://sourceforge.net/projects/rkhunter/files/latest/download
(latest で取得されるアーカイブの版は変わるため、以下の 1.4.0 は実際のファイル名に読み替える。展開前に、公開されているチェックサムや署名があれば照合する)
tar -zxf rkhunter-1.4.0.tar.gz
cd rkhunter-1.4.0
./installer.sh --layout default --install
rkhunter は /usr/local/bin にインストールされる
rkhunter --help
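-c, --check ローカルシステムを検査する
--configfile 使用する設定ファイルを指定する
--cronjob cron ジョブとして実行する
--sk, --skip-keypress 各テスト後のキー入力待ちを省く
--summary 検査結果の要約を表示する
--update データファイルの更新を確認する rkhunter --update
-V, --version バージョンを表示する(最新版の確認は rkhunter --versioncheck)
--versioncheck 最新版の有無を確認する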
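インストール後、システムがクリーンであると確認できている状態でベースラインを作成する。パッケージ更新後に再実行する場合も、変更が正当であると確認してから行う。
rkhunter --propupd # ファイル属性データベース(ベースライン)を作成
ls /var/lib/rkhunter/db/rkhunter.dat # 生成されたデータベースを確認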
rkhunter -c
crontab -e
# ユーザー欄(root)を含む次の行は /etc/crontab・/etc/cron.d 用の書式。crontab -e で登録する場合は root を除く
30 09 * * * root /usr/local/bin/rkhunter --check --cronjob
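# 上記の手順では /usr/local/bin に入るため、/usr/bin/rkhunter は実際のインストール先に合わせる。
# 結果ファイルは実行のたびに上書きされ、侵害されたホスト上では改ざんされ得るので、別ホストへの転送やメール通知も併用する
10 03 * * * /usr/bin/rkhunter --check --skip-keypress >/home/check_rkhunter/chk.txt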