Rootkit Hunter release 1.3.8

The Rootkit Hunter project team is pleased to announce the release of version 1.3.8.

The change log lists 24 bug fixes, 29 changes and 18 new items. Naming a few:

* Whitelist rootkit strings (RTKT_FILE_WHITELIST).
* Whitelist items not always present (EXISTWHITELIST).
* Whitelist combined pathname and port number (PORT_WHITELIST).
* Added Whirlpool and Ripemd160 hashes to file properties check.
* Support for DragonFly BSD.
* Support for Solaris OS package management.
* The 'suspicious files' check display each item individually.
* The '--enable' and '--disable' command-line options may now be specified more than once.
* Grsecurity-enabled systems may now run the network 'ports' test.
* Allow test names for the 'unhide' command (UNHIDE_TESTS).
* Rootkit checks added: OS X Togroot and Boonana (Koobface.A) trojan, Solaris Wanuk backdoor and worm and Inqtana worm.
* Better support for *BSD commands and OS X.

For more details please see the CHANGELOG at http://rkhunter.cvs.sourceforge.net/viewvc/\*checkout*/rkhunter/rkhunter/files/CHANGELOG.
Rootkit Hunter release 1.3.8 obsoletes all previous releases: please upgrade.

Thanks to John Horne and all contributors who made this release possible by providing code, submitting ideas, bugs, fixes, documentation, helping out on the rkhunter-users mailing list and promoting Rootkit Hunter. For more details please see the ACKNOWLEDGMENTS.

Posted by unSpawn 2010-11-17

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks