{"id":778,"date":"2004-09-12T09:09:00","date_gmt":"2004-09-12T00:09:00","guid":{"rendered":"\/?p=778"},"modified":"2004-09-12T09:09:00","modified_gmt":"2004-09-12T00:09:00","slug":"chkrootkit","status":"publish","type":"post","link":"https:\/\/www.hiro345.net\/blogs\/hiro345\/archives\/778.html","title":{"rendered":"chkrootkit"},"content":{"rendered":"<p>\nRef: <a href=\"http:\/\/www.itmedia.co.jp\/enterprise\/0303\/11\/epn11.html\">Part 3: Inspection with rootkit detection tools (1\/6)<\/a><br \/>\nRef: <a href=\"http:\/\/fumika.jp\/nikki\/2004\/04\/chkrootkit\">Installing and using chkrootkit<\/a>\n<\/p>\n<p>\nI knew chkrootkit existed but had not used it until now. It looks easy to install, so I decided to try it. On Debian GNU\/Linux, it can be installed easily with apt-get install chkrootkit.\n<\/p>\n<div class=\"code\"># apt-get install chkrootkit<\/div>\n<p><!--more--><\/p>\n<p>\nTo send notifications by e-mail on Debian GNU\/Linux, create a shell script named chkrootkit in \/etc\/cron.daily. Don't forget to make \/etc\/cron.daily\/chkrootkit executable.\n<\/p>\n<p><div class=\"code\"># cat \/etc\/cron.daily\/chkrootkit<br \/>\n#!\/bin\/sh<br \/>\nLOGFILE=\/var\/log\/chkrootkit<br \/>\n\/usr\/sbin\/chkrootkit | grep INFECTED > $LOGFILE<br \/>\nif [ -s $LOGFILE ]; then<br \/>\n    cat $LOGFILE | mail -s 
\"chkrootkit INFECTED\" root<br \/>\nfi<\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ref: Part 3: Inspection with rootkit detection tools (1\/6) Ref: Installing and using chkrootkit I knew chkrootkit existed but had not used it until now. It looks easy to install &hellip; <a href=\"https:\/\/www.hiro345.net\/blogs\/hiro345\/archives\/778.html\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-778","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.hiro345.net\/blogs\/hiro345\/wp-json\/wp\/v2\/posts\/778","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hiro345.net\/blogs\/hiro345\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hiro345.net\/blogs\/hiro345\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hiro345.net\/blogs\/hiro345\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hiro345.net\/blogs\/hiro345\/wp-json\/wp\/v2\/comments?post=778"}],"version-history":[{"count":0,"href":"https:\/\/www.hiro345.net\/blogs\/hiro345\/wp-json\/wp\/v2\/posts\/778\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.hiro345.net\/blogs\/hiro345\/wp-json\/wp\/v2\/media?parent=778"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hiro345.net\/blogs\/hiro345\/wp-json\/wp\/v2\/categories?post=778"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hiro345.net\/b
logs\/hiro345\/wp-json\/wp\/v2\/tags?post=778"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}