The Rootkit Hunter project team is pleased to announce the release
of version 1.3.8.
The change log lists 24 bug fixes, 29 changes and 18 new items.
Naming a few:
* Whitelist rootkit strings (RTKT_FILE_WHITELIST).
* Whitelist items not always present (EXISTWHITELIST).
* Whitelist combined pathname and port number (PORT_WHITELIST).
* Added Whirlpool and Ripemd160 hashes to file properties check.
* Support for DragonFly BSD.
* Support for Solaris OS package management.
* The 'suspicious files' check display each item individually.
* The '--enable' and '--disable' command-line options may now
be specified more than once.
* Grsecurity-enabled systems may now run the network 'ports'
* Allow test names for the 'unhide' command (UNHIDE_TESTS).
* Rootkit checks added: OS X Togroot and Boonana (Koobface.A)
trojan, Solaris Wanuk backdoor and worm and Inqtana worm.
* Better support for *BSD commands and OS X.
For more details please see the CHANGELOG at
Rootkit Hunter release 1.3.8 obsoletes all previous releases:
Thanks to John Horne and all contributors who made this release
possible by providing code, submitting ideas, bugs, fixes,
documentation, helping out on the rkhunter-users mailing list and
promoting Rootkit Hunter. For more details please see the