Rkhunter does find patterns of known rootkits but it also finds indicators
like memory anomalies like I mentioned and it logs each file change from
the install, this is why ideally you should install it in a fresh system.
Thanks.

Michael Lazin

On Sun, May 8, 2022 at 3:45 PM <estel...@elstel.org> wrote:

> Am 08.05.2022 20:43, schrieb estel...@elstel.org:
> > P.S.: A memory only rootkit would still need a hook to reinstall on a
> > fresh boot.
>
>    Yes I know it is an issue. Debcheckroot does f.i. not check you
> initrd. To fix this issue I would need to program an own piece of
> software like debcheckinitrd. Anyone who wants to support me can do
> this: https://www.elstel.org/Contact.html. I am a free developer and I
> do not get paid for my open source related work.
>
-- 
Michael Lazin

.. τὸ γὰρ αὐτὸ νοεῖν ἐστίν τε καὶ εἶναι.

Reply via email to