chkrootkit - Used to Check for Symptoms of Installed Root Kits

Property Value
Distribution openSUSE Leap 15.0
Repository Security all
Package name chkrootkit
Package version 0.50
Package release lp150.7.1
Package architecture x86_64
Package type rpm
Installed size 811.34 KB
Download size 274.31 KB
Official Mirror
This is a set of tools that detect rootkit (a program that hides the
presence of attackers) symptoms on a system. Rootkits can hide using
kernel modules, but they always leave some small traces that can be
detected with this program. However, it is always recommended to use
this program from a rescue system or a system with a similar purpose.


Package Version Architecture Repository
chkrootkit - - -


Name Value -


Name Value
chkrootkit = 0.50-lp150.7.1
chkrootkit(x86-64) = 0.50-lp150.7.1


Type URL
Binary Package chkrootkit-0.50-lp150.7.1.x86_64.rpm
Source Package chkrootkit-0.50-lp150.7.1.src.rpm

Install Howto

  1. Add the Security repository:
    # zypper addrepo security
  2. Install chkrootkit rpm package:
    # zypper install chkrootkit




2014-09-10 -
- chkrootkit-utmpchk.patch
fixed a stack smashing in chkutmp binary. bnc#896057
2014-08-26 -
- update to version 0.50
- new rootkits check: Linux Rootkit 64bits
- new backdoor check Operation Windigo
- CVE-2014-0476 fix
- minor bug fixes
- chkrootkit-0.49.patch refreshed to chkrootkit-0.50.patch
2011-09-17 -
- Remove redundant tags/sections from specfile
- Use %_smp_mflags for parallel build
2011-06-20 -
- Add BuildRequire: glibc-devel-static for openSUSE 12.1
2010-09-29 -
- update to version 0.49
- new tests: Mac OS X OSX.RSPlug.A Trojan Horse
- more tests for suspicious sniffer logs
- more tests for suspicious PHP files
- more tests for shell history file anomalies
- minor bug fixes
- chkdirs.c: minor bug fixes
- chkproc.c: minor bug fixes
- chkutmp.c: bug fix by Michael Schwendt
- renew patch
2009-11-03 -
- updated patches to apply with fuzz=0
2006-11-07 -
- upgraded to 0.47.
- check for Enye LKM and Lupper.Worm
- Fix for long lines in PS output
- Add getpriority to identify LKMs
- added various new rootkit signatures
2006-05-22 -
- Don't strip binaries.
2006-01-25 -
- converted neededforbuild to BuildRequires
2006-01-20 -
- Upgraded to 0.46a.
- fixed %doc permissions.

See Also

Package Description
chrootuid-1.3-lp150.3.1.x86_64.rpm Runs Daemons with restricted File System Access
clamav-0.100.2-lp150.193.1.x86_64.rpm Antivirus Toolkit
clamav-devel-0.100.2-lp150.193.1.x86_64.rpm Development files for libclamav, an antivirus engine
clamtk-5.25-lp150.4.1.noarch.rpm GUI for the ClamAV Antivirus
clamtk-kde-0.18-lp150.1.1.noarch.rpm Dolphin integration plugin for ClamTk
clamtk-kde-kde4-0.18-lp150.1.1.noarch.rpm Clamtk-kde for kde4
clamtk-kde-kf5-0.18-lp150.1.1.noarch.rpm Clamtk-kde for kf5
clamtk-lang-5.25-lp150.4.1.noarch.rpm Translations for package clamtk
corkscrew-2.0-lp150.2.1.x86_64.rpm Tunnel SSH through HTTP Proxies
cppcodec-0.1-lp150.1.1.noarch.rpm Header-only C++11 library to encode/decode various encoding formats
cryptctl-2.3-lp150.21.2.x86_64.rpm A utility for setting up LUKS-based disk encryption
ctunnel-0.7-lp150.1.1.x86_64.rpm Crypto Tunnel for Proxying and Forwarding TCP Connections
daes-0.41-lp150.3.1.x86_64.rpm AES Command Line Encryption Tool
eid-mw-4.0.6+1620-lp150.2.1.x86_64.rpm Belgium electronic identity card PKCS#11 module and Firefox plugin
eid-mw-devel-4.0.6+1620-lp150.2.1.x86_64.rpm Belgium electronic identity card PKCS#11 module - development package