Hello, I'm trying to script an automated "rootkit check" utilizing several utilities and am wondering if there is a way to grab the latest tarball and its md5sum from the website. chkrootkit's website makes this easy as one only needs to grab ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz and ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.md5. With some basic munging it's easy to verify that the archive is as it says, then proceed to do the check. I desire to do the same with rkhunter, but the links I have seen on SourceForge always include the version in the name. While I can use those for now, I'm hoping to avoid having to update the script every time there is a new release.
Also, I'm wanting to test these scripts and am wanting to find ways of "infecting" a machine (then imaging it for future clean tests.) Is there an archive somewhere of the known rootkits to download?

Thanks in advance.

Beefsalad

_______________________________________________
Rkhunter-users mailing list
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
