View Issue Details

ID: 0002215
Project: Kali Linux
Category: Queued Tool Addition
View Status: public
Last Update: 2020-06-17 14:58
Reporter: jdmurray
Assigned To:
Priority: normal
Severity: minor
Reproducibility: always
Status: acknowledged
Resolution: open
Summary: 0002215: debcheckroot - Add additional rootkit detectors
Description

Having the ability to scan an item of digital evidence with multiple A/V scanners is necessary for a source forensics analysis. The A/V and rootkit detectors distributed with Kali (ClamAV, chkrootkit) are great, but including other free alternatives would increase Kali's usefulness to forensic investigations.

Suggestions are:

rkhunter
https://rootkit.nl/projects/rootkit_hunter.html

debcheckroot
http://www.elstel.org/debcheckroot/

Activities

stormtide

2015-07-28 13:53

reporter   ~0003612

rkhunter:

download + extract

install:

./installer.sh --install

Running:

rkhunter -c

g0tmi1k

2018-01-29 15:12

administrator   ~0008464

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will be for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?

g0tmi1k

2020-02-11 12:03

administrator   ~0012217

We already have rkhunter
https://pkg.kali.org/pkg/rkhunter

g0tmi1k

2020-03-25 13:23

administrator   ~0012535

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

g0tmi1k

2020-03-25 13:23

administrator   ~0012536

This may be a good suggestion to put to Debian directly

Issue History

Date Modified Username Field Change
2015-04-10 03:48 jdmurray New Issue
2015-07-28 13:53 stormtide Note Added: 0003612
2018-01-29 10:22 g0tmi1k Summary Add additional rootkit detectors => rkhunter / debcheckroot - Add additional rootkit detectors
2018-01-29 15:12 g0tmi1k Note Added: 0008464
2018-02-21 09:35 g0tmi1k Product Version 1.1.0 =>
2019-12-09 13:30 g0tmi1k Severity minor => feature
2020-02-11 12:03 g0tmi1k Note Added: 0012217
2020-02-11 12:03 g0tmi1k Summary rkhunter / debcheckroot - Add additional rootkit detectors => debcheckroot - Add additional rootkit detectors
2020-03-25 13:23 g0tmi1k Status new => acknowledged
2020-03-25 13:23 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-03-25 13:23 g0tmi1k Note Added: 0012535
2020-03-25 13:23 g0tmi1k Note Added: 0012536
2020-06-17 14:58 g0tmi1k Severity feature => minor