[COPY] --- T2-COPYRIGHT-BEGIN ---
[COPY] t2/package/*/chkrootkit/chkrootkit.desc
[COPY] Copyright (C) 2004 - 2025 The T2 SDE Project
[COPY] Copyright (C) 1998 - 2003 ROCK Linux Project
[COPY] SPDX-License-Identifier: GPL-2.0
[COPY] --- T2-COPYRIGHT-END ---

[I] Checks for signs of rootkits

[T] chkrootkit is a tool to locally check for signs of a rootkit. It contains
[T] a chkrootkit: shell script that checks system binaries for rootkit
[T] modification. The following tests are made: aliens, asp, bindshell, lkm,
[T] rexedcs, sniffer, wted, z2, amd, basename, biff, chfn, chsh, cron, date,
[T] du, dirname, echo, egrep, env, find, fingerd, gpm, grep, hdparm, su,
[T] ifconfig, inetd, inetdconf, identd, killall, login, ls, mail, mingetty,
[T] netstat, named, passwd, pidof, pop2, pop3, ps, pstree, rpcinfo, rlogind,
[T] rshd, slogin, sendmail, sshd, syslogd, tar, tcpd, top, telnetd, timed,
[T] traceroute, and write. ifpromisc.c checks whether the interface is in
[T] promiscuous mode, chklastlog.c checks for lastlog deletions, chkwtmp.c
[T] checks for wtmp deletions, check_wtmpx.c checks for wtmpx deletions
[T] (Solaris only), and chkproc.c checks for signs of LKM trojans.

[U] https://www.chkrootkit.org/

[A] Nelson Murilo <nelson@pangeia.com.br>
[A] Klaus Steding-Jessen <jessen@nic.br>
[M] The T2 Project <t2@t2-project.org>

[C] extra/security
[F] CROSS

[L] OpenSource
[S] Stable
[V] 0.58b

var_remove makeopt ' ' all
var_append makeopt ' ' sense
var_append makeinstopt ' ' SBINDIR=$sbindir

[D] 57211d85a6c31bccce0b4bc4635830cae8b6ec73db4857ec83ec665f chkrootkit-0.58b.tar.gz ftp://ftp.chkrootkit.org/pub/seg/pac/