Rkdet 0.54
Sponsored Links
Rkdet 0.54 Ranking & Summary
File size:
0.057 MB
Platform:
Any Platform
License:
GPL (GNU General Public License)
Price:
Downloads:
1203
Date added:
2006-07-11
Publisher:
Andrew Daviel
Rkdet 0.54 description
This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer. It is designed to run continually with a small footprint under an innocuous name. When triggered, it sends email, appends to a logfile, and disables networking or halts the system. it is designed to install with the minimum of disruption to a normal multiuser system, and should not require rebuilding with each kernel change or system upgrade.http://vancouver-webpages.com/rkdet/rkdet-0.54-2.i386.rpm
The program regularly verifies the checksum of a small number of system files that are typically modified by a rootkit. This list of files is compiled into the program. The file list, together with the system commands and messages, are obfuscated in the compiled code to prevent someone from figuring out what the program is for by eyeballing the binary.
The obfuscation algorithm is simple, but is compiled into the program and does not depend on external programs or other libraries.
The program takes a single optional numeric argument. If odd (bit 0 set), the interface "eth0" is checked for promiscuous operation (packet sniffing). If bit 1 is clear, the program will delete the default route on the network when triggered. Of bit 1 is set, the program will disable the eth0 interface. Systems with multiple interfaces may require an alternate interface specification in "xstrings.txt", or modification of the program to disable multiple interfaces. If bit 2 is set, the program will only log events and not disconnect the network.
The command may be modified to "init 1" or "shutdown -h now" if desired, or to run a script such as "panic.sh" (included).
Enhancements:
- Added configure script.
- Do not trap if checksum program fails (due to load, etc.)
The program regularly verifies the checksum of a small number of system files that are typically modified by a rootkit. This list of files is compiled into the program. The file list, together with the system commands and messages, are obfuscated in the compiled code to prevent someone from figuring out what the program is for by eyeballing the binary.
The obfuscation algorithm is simple, but is compiled into the program and does not depend on external programs or other libraries.
The program takes a single optional numeric argument. If odd (bit 0 set), the interface "eth0" is checked for promiscuous operation (packet sniffing). If bit 1 is clear, the program will delete the default route on the network when triggered. Of bit 1 is set, the program will disable the eth0 interface. Systems with multiple interfaces may require an alternate interface specification in "xstrings.txt", or modification of the program to disable multiple interfaces. If bit 2 is set, the program will only log events and not disconnect the network.
The command may be modified to "init 1" or "shutdown -h now" if desired, or to run a script such as "panic.sh" (included).
Enhancements:
- Added configure script.
- Do not trap if checksum program fails (due to load, etc.)
Rkdet 0.54 Screenshot
Rkdet 0.54 Keywords
to catch
Rkdet 0.54
packet sniffer
intended to
catch someone
program
Rkdet
ROOTKIT
someone
system
packet
Rkdet 0.54
Monitoring
System
Bookmark Rkdet 0.54
Rkdet 0.54 Copyright
WareSeeker periodically updates pricing and software information of Rkdet 0.54 full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of Rkdet 0.54 Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
Featured Software
Want to place your software product here?
Please contact us for consideration.
Contact WareSeeker.com
Related Information
Packet analyzer
programming software applications
cash for clunkers program
program latihan khidmat negara
programmable thermostat
programmer
program tv
programa do jo
computer programmer
programme tele
program khidmat negara
rkdetector
programming languages
packet sniffers
ares free download program
programes
program comcast remote
rkdetect
Related Software
nPULSE is a Web-based network monitoring package for Unix-like operating systems. Free Download
YACY is a distributed Web crawler and also a caching HTTP/HTTPS proxy. Free Download
chkrootkit is a tool to locally check for signs of a rootkit. Free Download
Imager::Filters is an entire image filtering operations. Free Download
Darkstat is a network traffic analyzer. Free Download
jNetStream is a sniffer and a protocol analyzer. Free Download
Imager::Fountain is a class for building fountain fills suitable for use by the fountain filter. Free Download
Imager::Tutorial is an introduction to Imager. Free Download
Latest Software
Popular Software
Favourite Software
