locally checks for signs of a rootkit

Rootkits are used by intruders to hide and secure their presence on your system. An intruder achieves complete cloaking capability by relying on an administrator to trust the output of various system programs. This assumption is more or less true — most of the time system administrators trust ps to display all processes and ls to list all files.
To check for such rootkits you can use

chkrootkit from chkrootkit.org

Leave a Reply

Your email address will not be published. Required fields are marked *