- (nearly) Complete Linux Loadable Kernel Modules -- the definitive guide for hackers, virus coders and system administrators, by pragmatic / THC, version 1.0, released 03/1999.
- Attacking FreeBSD with Kernel Modules -- The System Call Approach, by pragmatic / THC, version 1.0, released 06/1999
- Solaris Loadable Kernel Modules -- Attacking Solaris with loadable kernel modules, by Plasmoid / THC , version 1.0, (c) 1999.
- Abuse of the Linux Kernel for Fun and Profit, by halflife, Phrack 50, April 9, 1997.
- check-ps, by Duncan Simpson, is a program that is designed to detect rootkit versions of ps that fail to tell you about selected processes.
- rkscan, is a shell script rootkit scanner for Linux.
- Widespread Compromises via "ramen" Toolkit, CERT Incident Note IN-2001-01.
- ramenfind, by William Stearns, is a tool to detect and remove the Ramen Worm from infected Linux machines.
- Other security related links
- Web Hosting Buddy, Tutorials on securing web servers and preventing rootkits.
- Dotcom-Monitor, Provides server and web application monitoring software that aids in the detection of rootkits and malware.
- LoadView, Load testing tool that helps uncover performance weaknesses that could be exploited by rootkits.
|
![[chkrootkit: kicking script kiddies' asses since 1997]](http://www.chkrootkit.org/images/chkrootkit-logo.jpg){kind=logo}
$Date: 2007/12/17 19:04:27 $