1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
.TH chkrootkit 1 "10 January 2003"
.SH NAME
chkrootkit
\- Determine whether the system is infected with a rootkit
.SH SYNOPSIS
.B chkrootkit
[\fIOPTION\fR]... [\fITESTNAME\fR]...
.SH DESCRIPTION
.B chkrootkit
examines certain elements of the target system and determines
whether they have been tampered with. Some tools which
.B chkrootkit
applies while analyzing binaries and log files can be found at
\fI\//usr/lib/chkrootkit\fR.
.SH OPTIONS
.TP
\fB\-h\fR
Print a short help message and exit.
.TP
\fB\-V\fR
Print version information and exit.
.TP
\fB\-l\fR
Print available tests.
.TP
\fB\-d\fR
Enter debug mode.
.TP
\fB\-x\fR
Enter expert mode.
.TP
\fB\-e\fR
Exclude known false positive files/dirs, quoted, space separated.
.TP
\fB\-q\fR
Enter quiet mode.
.TP
\fB\-r \fIdir\fR
Use
.I dir
as the root directory.
.TP
\fB\-p \fIdir1\fR:\fIdir2\fR:\fIdirN\fR
Specify the path for the external commands used by chkrootkit.
.TP
\fB\-n\fR
skip NFS mounted dirs
.SH "AUTHOR"
Manual page written by Yotam Rubin
.I <yotam@makif.omer.k12.il>
and lantz moore
.I <lmoore@debian.org>
for the Debian project. It may be used by others.
.SH SEE ALSO
\fBstrings\fR(1)
|
