Anti-Rootkit in Linux ?

Discussion in 'other anti-malware software' started by Ocky, Jan 2, 2008.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Is it less 'important' to have ARK software in Linux than in Windows ?
    For Linux there seem to be 2 favourites viz. chkrootkit and Rootkit Hunter
    with chrootkit seemingly more user friendly.

    Linux users, have you installed either one or the other and if so
    which one do you recommend - or would you say totally unnecessary
    (reasons plse.)

    Regards.
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    Tried them both. You don't need them. Why?
    Because you install software from official repositories. There's no reason for you to look for random sources or packages across the web. Everything comes neatly together in official repos. Sometimes you might download a thing here or there that is not included in the official repositories, but just stick to official sites of the programs in question, check sums and you'll be fine.
    Mrk
     
  3. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Yep, agree 100% with Mrkvonic, there's just no need for any of that stuff in Linux.
     
  4. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    About the only thing I install outside the repos of the distro I may be using at a given time is the latest version of Wine (from WineHQ) or the latest Ati driver from AMD's website (both very trustworthy).
     
  5. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Most attacks on Linux systems are on servers. The Linux desktop share is so small malware writers simply do not bother with it.
     
  6. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Thanks for your posts. One thing I noticed in Ubuntu Linux is that
    apparmor is installed and loaded in Gutsy (sudo apparmor_status).
    However I am not sure what protection it specifically offers, and whether
    or not one can/need configure it.
     
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    I know it comes installed in SuSE 10.3 by default, but I didn't know it was in Ubuntu 7.10 out of the box(?). News to me....

    No idea how to do it, but I would think that it is configurable to some extent or other...
     
  8. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    http://en.wikipedia.org/wiki/AppArmor

    https://help.ubuntu.com/community/AppArmor

    As a newbie to anything Linux, I think better not touch it at this stage.
    Just wondering whether the default profile config. provides certain
    level of protection.
     
Loading...
Thread Status:
Not open for further replies.