Rootkits in Ubuntu, how to discover them


A good friend of mine says that the greatest cybersecurity threat is the person, the user, and he is not wrong. We always talk about viruses and computer security, and about how difficult it is to penetrate a GNU/Linux system and how easy it is to get into Windows. But difficult does not mean impossible, and more and more threats are being created for GNU/Linux, and especially for Ubuntu, since it is one of the most widely used systems in the GNU/Linux family. Rootkits are a good example of a threat that affects Ubuntu, although just as there is a way for one to get in, there is always a way to get it out of our system.

What is a rootkit?

According to Wikipedia, a rootkit is a program that allows continuous privileged access to a computer but actively keeps its presence hidden from the control of administrators by corrupting the normal operation of the operating system or other applications.

It is a dangerous threat for Ubuntu users, since the first thing that can be done with it is to change the user and/or administrator password and disable our system.

Chkrootkit, a solution

Canonical, perhaps aware of these threats, has placed in its repositories a program that corrects or warns us of the possible rootkits that inhabit our system. The application is inherited from Debian, but it is just as available and functional as in the parent distribution.

To install it, we just have to go to our terminal, or to Synaptic, and type:

sudo apt-get install chkrootkit


This will install the program. The only downside is that it does not have a graphical interface, so every time you want to use it you will have to go to the terminal and type:

sudo chkrootkit


This will run the scan and inform you whether or not your computer is infected. If it is infected, the only option is to search Google for the rootkit and its solution, since it is very difficult for a program to remove rootkits, whether on Windows, Mac or Ubuntu.

Ah, one last recommendation: chkrootkit is a program that only works when we run it. It does not work like a classic antivirus that stays resident looking for viruses or threats, nor does it take precautions on our behalf, so I recommend that from time to time, once a week for example, you run this tool on your system, just as you run the antivirus on your pen drives. You never know where the danger may be.
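
The weekly run recommended above, as an added example that is not part of the original article: a small wrapper filters chkrootkit's output down to the lines that need attention and reports only findings that are not in a baseline an administrator has already reviewed. The baseline path, the function names and the --scan switch are assumptions, and the sample output is constructed.

```shell
#!/bin/sh
# Added example, not from the article. Assumed names: BASELINE path, the
# function names, the --scan switch. Status words are from chkrootkit's README.
BASELINE="${BASELINE:-/var/lib/chkrootkit-weekly/reviewed.txt}"  # hypothetical path

# Keep only result lines that need a human look. chkrootkit prints clean
# results as lowercase "not infected", so the case-sensitive match on
# INFECTED skips them.
chk_findings() {
    grep -E 'INFECTED|Vulnerable but disabled' | sed 's/[[:space:]]*$//' |
        LC_ALL=C sort -u
}

# Print findings that are not in the reviewed baseline file ($1). The
# baseline is a saved chk_findings listing an administrator has already
# checked; a missing file means every finding is new.
chk_new_findings() {
    baseline="$1"
    [ -f "$baseline" ] || baseline=/dev/null
    chk_findings | LC_ALL=C comm -13 "$baseline" -
}

# Constructed sample of chkrootkit output, for trying the filter offline.
sample_output() {
    cat <<'EOF'
Checking `amd'... not found
Checking `ls'... not infected
Checking `bindshell'... INFECTED (PORTS: 465)
Checking `inetd'... Vulnerable but disabled
Checking `sshd'... not infected
EOF
}

# Real run, for a weekly root cron job, e.g. (hypothetical script path):
#   0 3 * * 1  root  /usr/local/sbin/chkrootkit-weekly --scan
# cron mails whatever is printed (when mail is set up), so silence means
# nothing new was found.
if [ "${1:-}" = "--scan" ]; then
    new=$(chkrootkit 2>&1 | chk_new_findings "$BASELINE")
    if [ -n "$new" ]; then
        printf 'chkrootkit: new findings on %s\n%s\n' "$(hostname)" "$new"
        exit 1
    fi
fi
```

A finding that turns out to be harmless after review can be appended to the baseline by saving a chk_findings listing to that file; anything not listed there is reported on every run until it is dealt with.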

More information - Wikipedia, ClamTk: virus cleanup in Ubuntu

Image - Pixabay



  1.   mary gl said

    Just to contribute: that tool goes very well together with rkhunter.
    To install it: sudo apt-get install rkhunter
    To update the database: sudo rkhunter --update
    And to run it: rkhunter -c

  2.   mary gl said

    To update the database: sudo rkhunter --update (sorry about that)