{"id":77,"date":"2013-10-20T11:35:41","date_gmt":"2013-10-20T09:35:41","guid":{"rendered":"http:\/\/pclos.janu.hu\/?p=77"},"modified":"2024-02-09T14:08:46","modified_gmt":"2024-02-09T13:08:46","slug":"77","status":"publish","type":"post","link":"http:\/\/pclos.janu.hu\/?p=77","title":{"rendered":"Searching for Rootkits with Rootkit Hunter"},"content":{"rendered":"<table style=\"font-size: 12px; font-family: Freesans, Helvetica, Arial; width: 100%;\" border=\"0\">\n<tbody>\n<tr style=\"font-family: Times New Roman, sans-serif;\">\n<td>\n<p style=\"margin-bottom: 0.15cm; font-size: 18px; font-weight: bold; text-align: center;\"><a href=\"http:\/\/pclosmag.com\/html\/Issues\/200609\/page08.html\" target=\"_blank\" rel=\"noopener\">PCLinuxOS Magazine \u2013 September 2006<\/a><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p style=\"margin-botton: 0.3cm; font-weight: bold;\">Written by: magian<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p style=\"margin-bottom: 0.15cm;\">The Internet can be a wild and dangerous place. We Linux users are generally protected from the worst of the virus and malware infections, but overconfidence can sometimes create a false sense of security. A <b>rootkit<\/b> can be installed on Linux too.<\/p>\n<p style=\"margin-bottom: 0.15cm;\">What is a <b>rootkit<\/b>, you ask?<\/p>\n<p><!--more--><\/p>\n<blockquote><p>\u201cA <b>rootkit<\/b> is a set of software tools whose purpose is to help an intruder gain access to a system while remaining hidden, by concealing processes, files and system data. Rootkits exist for a number of operating systems, such as Linux, Solaris and the x86 versions of Microsoft Windows. 
Rootkits often modify parts of the operating system, or install themselves as drivers or kernel modules.\u201d<\/p><\/blockquote>\n<p style=\"margin-bottom: 0.15cm;\">The quotation is translated from <a href=\"http:\/\/en.wikipedia.org\/wiki\/Rootkits\" target=\"_blank\" rel=\"noopener\">http:\/\/en.wikipedia.org\/wiki\/Rootkits<\/a>.<\/p>\n<p style=\"margin-bottom: 0.15cm;\">Fortunately, we have a great piece of software for detecting these nasty intruders. It is called Rootkit Hunter and was written by Michael Boelen. Just a few of Rootkit Hunter's notable features:<\/p>\n<ul>\n<li>\n<p style=\"margin-bottom: 0cm;\">MD5 hash comparison;<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm;\">searching for default files used by rootkits;<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm;\">wrong file permissions on binaries;<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm;\">searching for suspicious strings in LKM and KLD modules;<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm;\">searching for hidden files;<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm;\">optional scanning within plain-text and binary files;<\/p>\n<\/li>\n<li>Rootkit Hunter is released under the GPL licence and is free for anyone to use.<\/li>\n<\/ul>\n<p style=\"margin-bottom: 0.15cm;\">Now I will show you how to install Rootkit Hunter from the PCLinuxOS repository, update it and run a full system check with it. 
You must run these commands as root.<\/p>\n<p style=\"margin-bottom: 0cm;\"><code>apt-get<\/code> will find and install <i>Rootkit Hunter<\/i>, so:<\/p>\n<p style=\"margin-bottom: 0.15cm; background: grey; color: white;\"><code>apt-get install rkhunter<\/code><\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone\" src=\"http:\/\/pclosmag.com\/html\/Issues\/200609\/images\/08-02.png\" alt=\"\" width=\"500\" height=\"349\" \/><\/p>\n<p style=\"margin-bottom: 0cm;\">Next, we update the program:<\/p>\n<p style=\"margin-bottom: 0.15cm; background: grey; color: white;\"><code>rkhunter --update<\/code><\/p>\n<p style=\"margin-bottom: 0cm;\"><em>Rootkit Hunter<\/em> downloads and installs the current signatures.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone\" src=\"http:\/\/pclosmag.com\/html\/Issues\/200609\/images\/08-04.png\" alt=\"\" width=\"500\" height=\"349\" \/><\/p>\n<p style=\"margin-bottom: 0cm;\">Then we run a full check:<\/p>\n<p style=\"margin-bottom: 0.15cm; background: grey; color: white;\"><code>rkhunter --checkall<\/code><\/p>\n<p style=\"margin-bottom: 0.15cm;\"><em>Rootkit Hunter<\/em> runs a whole series of checks on your system and keeps you informed of its progress along the way. When it finishes, it gives a summary of the results like this:<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone\" src=\"http:\/\/pclosmag.com\/html\/Issues\/200609\/images\/08-05.png\" alt=\"\" width=\"500\" height=\"349\" \/><\/p>\n<p style=\"margin-bottom: 0.15cm;\">Running <i>rkhunter<\/i> without arguments lists the available options. 
Rootkit Hunter can be added to a shell script and can also be run as a cron job. Now you have one more reason to feel much safer than, and superior to, your friends running Microsoft Windows.<\/p>\n<p>Rootkit Hunter &#8211; <a title=\"rootkit\" href=\"http:\/\/www.rootkit.nl\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.rootkit.nl\/<\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>PCLinuxOS Magazine \u2013 September 2006 Written by: magian The Internet can be a wild and dangerous place. We Linux users are generally protected from the worst of the virus and malware infections, but overconfidence can sometimes create a false sense of security. Linux too can have &hellip; <a href=\"http:\/\/pclos.janu.hu\/?p=77\">Click here to continue&#8230;. 
<span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,9],"tags":[8,13,197],"class_list":["post-77","post","type-post","status-publish","format-standard","hentry","category-magazin","category-rendszer","tag-8","tag-2006-szeptem","tag-rendszer"],"_links":{"self":[{"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=\/wp\/v2\/posts\/77","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=77"}],"version-history":[{"count":5,"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=\/wp\/v2\/posts\/77\/revisions"}],"predecessor-version":[{"id":4117,"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=\/wp\/v2\/posts\/77\/revisions\/4117"}],"wp:attachment":[{"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=77"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=77"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/pclos.janu.hu\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=77"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}