|
|
|
|
Online Now: 2 0 Members | 2 Guests |
|
|
|
|
|
|
Copy & paste Coding Dibawah ini Untuk Banner kami ================================== <a href="http://www.sekuritionline.net/" target="_blank"><img src= "http://www.sekuritionline.net/ banner/banner.gif" width="125" height="75" alt="sekuritionline.net" title="SO-Te@m" border="0" /></a> |
|
|
|
|
|
|
| -------------------------------- |
|
|
|
|
|
|
|
| January 26, 2009, 6:54 pm |
|
|
|
|
By TheSimS
Published: April 25, 2007
Print
Email
Checking backdoor dan Trojan di Linux / BSD
chkrootkit
adalah tools yang digunakan untuk mendeteksi adanya backdoor
dan trojan pada mesin unix anda chkrootkit dapat digunakan pada : Linux 2.0.x, 2.2.x, 2.4.x and 2.6.x FreeBSD 2.2.x, 3.x, 4.x and 5.x OpenBSD 2.x and 3.x. NetBSD 1.6.x Solaris 2.5.1, 2.6, 8.0 and 9.0 HP-UX 11 Tru64 BSDI and Mac OS X.
Latest features added ( 10th Oct 2006 ):
new test: crontab new rootkits detected: Enye LKM, Lupper.Worm, shv5 more ports added to the bindshell test some minor bug fixes
Id anda harus root ------------------
Berikut langkah langkahnya --------------------------
root@sekuritionline.com
~/chk# wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz --14:25:48-- ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz => `chkrootkit.tar.gz' Resolving ftp.pangeia.com.br... 200.239.53.35 Connecting
to ftp.pangeia.com.br|200.239.53.35|:21... connected. Logging in as anonymous ... Logged in! ==> SYST ... done. ==> PWD ... done. ==> TYPE I ... done. ==> CWD /pub/seg/pac ... done. ==> PASV ... done. ==> RETR chkrootkit.tar.gz ... done. Length: 37,791 (37K) (unauthoritative)
100%[====================================>] 37,791 7.32K/s ETA 00:00
14:26:01 (7.07 KB/s) - `chkrootkit.tar.gz' saved [37791]
root@sekuritionline.com ~/chk# tar -zxvf chkrootkit.tar.gz chkrootkit-0.47 chkrootkit-0.47/ACKNOWLEDGMENTS chkrootkit-0.47/COPYRIGHT chkrootkit-0.47/Makefile chkrootkit-0.47/README chkrootkit-0.47/README.chklastlog chkrootkit-0.47/README.chkwtmp chkrootkit-0.47/check_wtmpx.c chkrootkit-0.47/chkdirs.c chkrootkit-0.47/chklastlog.c chkrootkit-0.47/chkproc.c chkrootkit-0.47/chkrootkit chkrootkit-0.47/chkrootkit.lsm chkrootkit-0.47/chkutmp.c chkrootkit-0.47/chkwtmp.c chkrootkit-0.47/ifpromisc.c chkrootkit-0.47/strings.c root@sekuritionline.com ~/chk# cd chkrootkit-0.47 root@sekuritionline.com ~/chk/chkrootkit-0.47#
root@sekuritionline.com ~/chk/chkrootkit-0.47# make *** stopping make sense *** make[1]: Entering directory `/home/users/iqbal/chk/chkrootkit-0.47' gcc -DHAVE_LASTLOG_H -o chklastlog chklastlog.c gcc -DHAVE_LASTLOG_H -o chkwtmp chkwtmp.c gcc
-DHAVE_LASTLOG_H -D_FILE_OFFSET_BITS=64 -o ifpromisc ifpromisc.c gcc -o chkproc chkproc.c gcc -o chkdirs chkdirs.c gcc -o check_wtmpx check_wtmpx.c gcc -static -o strings-static strings.c gcc -o chkutmp chkutmp.c make[1]: Leaving directory `/home/users/iqbal/chk/chkrootkit-0.47' root@sekuritionline.com ~/chk/chkrootkit-0.47# ls ACKNOWLEDGMENTS check_wtmpx* chkproc* chkwtmp* COPYRIGHT check_wtmpx.c chkproc.c chkwtmp.c Makefile chkdirs* chkrootkit* ifpromisc* README chkdirs.c chkrootkit.lsm ifpromisc.c README.chklastlog chklastlog* chkutmp* strings-static* README.chkwtmp chklastlog.c chkutmp.c strings.c
langkah terakhir jalankan aplikasi
root@sekuritionline.com ~/chk/chkrootkit-0.47# ./chkrootkit ROOTDIR is `/' Checking `amd'... not found Checking `basename'... not infected Checking `biff'... not found Checking `chfn'... not infected Checking `chsh'... not infected
tunggu sampai selesai
nanti dapat terlihat apakah mesin anda terinfeksi trojan atau tidak mudah bukan .....
thanks
to staff sekuritionline .... maaf ya baru bisa kirim-kirim artikel lagi
dan yang ini semoga bermanfaat ...
View Comments (0)
|
|
|
|
|
Sorry, your account does not have access to post comments.