Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 709
  • Last Modified:

ROOTKITS

I do I get rid of Rootkits on my system?
0
CORRY23
Asked:
CORRY23
  • 2
2 Solutions
 
Pete LongConsultantCommented:
Scanning for Rootkits
http://www.linuxdevcenter.com/pub/a/linux/2002/02/07/rootkits.html

chkrootkit Rootkit Scanner
http://www.linuxdevcenter.com/pub/a/linux/2002/02/07/rootkits.html?page=2

From Above
The chkrootkit package contains seven small applications. The main progam, chkrootkit, is used to detect known rootkit signatures. In addition to searching for a rootkit's default files, it also checks core system binaries for malicious content. The remaining applications in the package are ifpromisc, which helps to find out whether a network interface is in promiscuous mode (remember you can't trust netstat), chklastlog, chkwtmp, and check_wtmpx, all of which detect deletions in various log files, chkproc, which detects Loadable Kernel Module (LKM) trojans and hidden processes, and finally strings, which is a simple implementation of the Unix strings utility.



0
 
msiceCommented:
You rebuild it.
0
 
skjortanCommented:
That depends on what systems you have. are we talking windows, Linux or solaris ??

if we are talking windows you might have a real problem. Some of the windows rootkits are really kernel plugins that loads before the OS has booted and are quite hard to get rid of.

I can reccomend VICE from www.rootkit.com it will find most if not all exixting rootkits for win32.


But your real question was: How do i get rid of rootkits?

Well the best aproache is:
1. run a scanner.
2. then boot the machine with a boot CD like Knoppix
3. Delete the files
4. reboot
 
0
 
msiceCommented:
You will never be certain that you have removed all of it/them. Unless you are in a controlled lab environment or have 100% snapshot of the system before the rootkit/s were implemented.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now