Just Launched: You can now import projects and releases from Google Code onto SourceForge
We are excited to release new functionality to enable a 1-click import from Google Code onto the Allura platform on SourceForge. You can import tickets, wikis, source, releases, and more with a few simple steps. Read More
On Sat, 23 Feb 2013 16:46:37 +0100 "Xavier Guillot"
>First thanks for your work on RKHunter: since Chkrootkit seems no
>developed, RKH is the only opensource anti-rootkit software
>Linux and still active.
You're right Chkrootkit doesn't seem to be actively developed.
Strictly speaking RKH isn't the only tool around that inspects a
system for symptoms of rootkits and malware though: OSSEC-HIDS has
a rootkit-checking component (don't know the state development of
that component is in though: diff commits?) and at the other end of
the spectrum Samhain comes with a LKM to inspect certain kernel
>I am wondering if there will be soon a new version of RKHunter, as
>Unhide has made some changes recently:
Thanks to John those changes were committed to CVS
week Jesus announced his changes.
>And if yes, will it include signatures of new malwares discovered,
like the SSHd Spam Exploit / libkeyutils.so.1.9 ?
I updated RKH in CVS on the 16th and posted about the issue:
clamav-sig-for-lib64-libkeyutils-so-1-9-contents-35316/. Also see
Note this doesn't include the CalmAV sig as we haven't discussed
offering it / using ClamAV as part of RKH.
You can point to me for not having released a new version of RKH
yet, though the CVS version should be usable until then.