chkrootkit - Used to Check for Symptoms of Installed Root Kits

Property Value
Distribution openSUSE Tumbleweed
Repository Security all
Package filename chkrootkit-0.53-1.1.i586.rpm
Package name chkrootkit
Package version 0.53
Package release 1.1
Package architecture i586
Package type rpm
Category Productivity/Security
License BSD3c(or similar)
Maintainer -
Download size 264.73 KB
Installed size 731.44 KB
This is a set of tools that detect rootkit (a program that hides the
presence of attackers) symptoms on a system. Rootkits can hide using
kernel modules, but they always leave some small traces that can be
detected with this program. However, it is always recommended to use
this program from a rescue system or a system with a similar purpose.


Package Version Architecture Repository
chkrootkit-0.53-1.1.x86_64.rpm 0.53 x86_64 Security
chkrootkit - - -


Name Value -


Name Value
chkrootkit = 0.53-1.1
chkrootkit(x86-32) = 0.53-1.1


Type URL
Binary Package chkrootkit-0.53-1.1.i586.rpm
Source Package chkrootkit-0.53-1.1.src.rpm

Install Howto

  1. Add the Security repository:
    # zypper addrepo security
  2. Install chkrootkit rpm package:
    # zypper install chkrootkit




2019-04-23 - Tuukka Pasanen <>
- update to version 0.53
- Mumblehard backdoor/botnet detection
- Linux.Xor.DDoS Malware
- Malicious TinyDNS detection
- Backdoors.Linux.Mokes.a detection
- Minor bug fixes
- Linux.Proxy.10 detection
- strings.c & chkutmp.c bug fixes
- Rocke Monero Miner detection
- Added ss support
- ifconfig.c bug fixes
- Minor bug fixes
- Updated chkrootkit-utmpchk.patch to version 0.53
- Updated chkrootkit-0.50.patch to chkrootkit-0.53.patch
2014-09-10 -
- chkrootkit-utmpchk.patch
fixed a stack smashing in chkutmp binary. bnc#896057
2014-08-26 -
- update to version 0.50
- new rootkits check: Linux Rootkit 64bits
- new backdoor check Operation Windigo
- CVE-2014-0476 fix
- minor bug fixes
- chkrootkit-0.49.patch refreshed to chkrootkit-0.50.patch
2011-09-17 -
- Remove redundant tags/sections from specfile
- Use %_smp_mflags for parallel build
2011-06-20 -
- Add BuildRequire: glibc-devel-static for openSUSE 12.1
2010-09-29 -
- update to version 0.49
- new tests: Mac OS X OSX.RSPlug.A Trojan Horse
- more tests for suspicious sniffer logs
- more tests for suspicious PHP files
- more tests for shell history file anomalies
- minor bug fixes
- chkdirs.c: minor bug fixes
- chkproc.c: minor bug fixes
- chkutmp.c: bug fix by Michael Schwendt
- renew patch
2009-11-03 -
- updated patches to apply with fuzz=0
2006-11-07 -
- upgraded to 0.47.
- check for Enye LKM and Lupper.Worm
- Fix for long lines in PS output
- Add getpriority to identify LKMs
- added various new rootkit signatures
2006-05-22 -
- Don't strip binaries.
2006-01-25 -
- converted neededforbuild to BuildRequires

See Also

Package Description
chrootuid-1.3-3.17.i586.rpm Runs Daemons with restricted File System Access
chrootuid-1.3-3.17.x86_64.rpm Runs Daemons with restricted File System Access
clamav-0.101.2-200.1.i586.rpm Antivirus Toolkit
clamav-0.101.2-200.1.x86_64.rpm Antivirus Toolkit
clamav-devel-0.101.2-200.1.i586.rpm Development files for libclamav, an antivirus engine
clamav-devel-0.101.2-200.1.x86_64.rpm Development files for libclamav, an antivirus engine
clamsap-0.99.2-2.16.i586.rpm Virus Scan Adapter (VSA) for ClamAV
clamsap-0.99.2-2.16.x86_64.rpm Virus Scan Adapter (VSA) for ClamAV
clamtk-5.26-6.1.noarch.rpm GUI for the ClamAV Antivirus
clamtk-kde-0.18-1.4.noarch.rpm Dolphin integration plugin for ClamTk
clamtk-kde-kde4-0.18-1.4.noarch.rpm Clamtk-kde for kde4
clamtk-kde-kf5-0.18-1.4.noarch.rpm Clamtk-kde for kf5
clamtk-lang-5.26-6.1.noarch.rpm Translations for package clamtk
compartm-1.1-895.20.i586.rpm A Wrapper to Securely Run Insecure or Untrusted Programs
compartm-1.1-895.20.x86_64.rpm A Wrapper to Securely Run Insecure or Untrusted Programs