Rootkit Hunter v1.3.6 Available - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 20th, 2013

Linux Advisory Watch: May 17th, 2013

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Rootkit Hunter v1.3.6 Available

User Rating:

How can I rate this item?

Source: rkh Project - Posted by Dave Wreski

The Rootkit Hunter project team is pleased to announce the release of version 1.3.6. This release offers more ease of use and improved rootkit and malware checks. The change log lists 29 additions including 9 configuration options and details for 12 rootkits, 29 changes including improvements for 15 rootkit checks and 22 bugfixes. Naming a few:

New IGNORE_PRELINK_DEP_ERR configuration option in case of persistent prelink dependency errors.
New USER_FILEPROP_FILES_DIRS configuration option to add files and directories to the file properties check.
New COPY_LOG_ON_ERROR configuration option to copy the log file if any errors or warnings have occurred.
New WEBCMD configuration option to specify the command used to download data file updates from the Internet.
Rkhunter will look for configuration options in the main configuration file, and then in the local configuration file if it exists.
New SHARED_LIB_WHITELIST configuration option for whitelisting preloaded shared libraries.
New WARN_ON_OS_CHANGE configuration option. If unset then no warnings will be shown.
New UPDT_ON_OS_CHANGE configuration option. If set and the O/S has changed then rkhunter will automatically update properties ('rkhunter --propupd').
Added support for hash functions SHA224, SHA256, SHA384 and SHA512 using CPAN perl modules Digest-SHA-PurePerl or SHA256.
New UPDATE_LANG configuration option.
New ALLOWPROMISCIF configuration option.
New PKGMGR_NO_VRFY configuration option for fine-grained package manager verification process control.
Rootkit checks added: Adore Rootkit (aka strings.o aka Dextenea) cb, CX, Fu, iLLogiC, ld-linuxv.so.1, 'Spanish', trNkit, Xzibit, ZK.
Updated rootkit / malware checks: Ambient (ark), beX2, BOBkit, Dica-kit, Dreams, Enye LKM, evil strings test, Fleakit, FreeBSD, Phalanx2, SHV4, Universal (URK).

For more details please see the CHANGELOG at http://rkhunter.cvs.sourceforge.net/viewvc/*checkout*/rkhunter/rkhunter/files/CHANGELOG.

Rootkit Hunter release 1.3.6 obsoletes all previous releases: please upgrade.

Thanks to John Horne and all contributors who made this release possible by providing code, submitting ideas, bugs, fixes, documentation, helping out on the rkhunter-users mailing list and promoting Rootkit Hunter. For more details please see the ACKNOWLEDGMENTS.

Best regards,
unSpawn
---

Read this full article at rkh Project