Free anti-malware and anti-rootkit tools

Linux is often used to rescue Windows installations... or is it? What is really surprising is how many free tools exist for removing malware and rootkits. Let's look at some of them.

Chkrootkit

Chkrootkit, or Check Rootkit, is a well-known open-source program; it is a tool used to scan for rootkits, botnets, malware and similar threats on your server or Unix/Linux system. It has been tested on: Linux 2.0.x, 2.2.x, 2.4.x, 2.6.x and 3.x.x, FreeBSD 2.2.x, 3.x, 4.x, 5.x and 7.x, OpenBSD 2.x, 3.x and 4.x, NetBSD 1.6.x, Solaris 2.5.1, 2.6, 8.0 and 9.0, HP-UX 11, Tru64, BSDI and Mac OS X. This tool comes pre-installed in BackTrack 5 under Forensic and Anti-Virus Tools.

To install chkrootkit on an Ubuntu or Debian-based distro, you can type:

sudo apt-get install chkrootkit

To start checking the system for possible rootkits and backdoors, type the command:

sudo chkrootkit

Rootkit Hunter

Rootkit Hunter, or rkhunter, is an open-source rootkit scanner similar to chkrootkit that also comes pre-installed in BackTrack 5 under Forensic and Anti-Virus Tools. This tool scans for rootkits, backdoors and local exploits by running tests such as: MD5 hash comparison, looking for default files used by rootkits, wrong file permissions on binaries, looking for suspicious strings in LKM and KLD modules, hidden file detection, and optional scanning within plaintext and binary files.

To install rkhunter on an Ubuntu or Debian-based distro, you can type:

sudo apt-get install rkhunter

To start scanning the file system, type the command:

sudo rkhunter --check

And if you want to check for updates, run the command:

sudo rkhunter --update

After rkhunter finishes scanning your file system, all results are logged to /var/log/rkhunter.log.
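Both scanners above print mostly "not infected" or "[ OK ]" lines, so a scheduled run is only useful if something reduces the output to the actual findings. The following script is an added example, not code from the original article or from the chkrootkit or rkhunter projects: it extracts the INFECTED entries from chkrootkit's output and the "Warning:" entries from the rkhunter log described above, and returns a non-zero exit status when either scanner reported anything. All sample text inside it is constructed in the shape of each tool's output, not captured from a real host; the only path it assumes is the article's /var/log/rkhunter.log.

```shell
#!/bin/sh
# Added example (not from the original article or the scanner projects):
# triage chkrootkit output and the rkhunter log so that a cron job only
# has to look at real findings. All sample text below is constructed to
# mirror the shape of each tool's output; none of it is from a real host.

# Constructed sample of chkrootkit stdout (what `sudo chkrootkit` prints).
CHK_SAMPLE=$(cat <<'EOF'
ROOTDIR is `/'
Checking `ls'... not infected
Checking `ps'... INFECTED
Checking `netstat'... not infected
Searching for suspicious files and dirs, it may take a while... nothing found
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `lkm'... not tested
EOF
)

# Constructed sample in the shape of /var/log/rkhunter.log after `rkhunter --check`.
RKH_SAMPLE=$(cat <<'EOF'
[12:00:01] Info: Starting test name 'system_commands'
[12:00:02]   /usr/bin/ls                                  [ OK ]
[12:00:02]   /usr/bin/ps                                  [ Warning ]
[12:00:02] Warning: The command '/usr/bin/ps' has been replaced by a script: /usr/bin/ps: POSIX shell script, ASCII text executable
[12:00:03] Info: Starting test name 'filesystem'
[12:00:03]   Checking /dev for suspicious file types      [ None found ]
[12:00:04] Warning: Hidden file found: /dev/shm/.x: data
[12:00:05] Info: Test 'filesystem' finished
EOF
)

# Names of the binaries chkrootkit marked INFECTED, one per line.
# "not infected" and "not tested" do not match the upper-case token.
chk_infected() {
    printf '%s\n' "$1" | sed -n "s/^Checking \`\([^']*\)'\.\.\. INFECTED.*/\1/p"
}

# Every "Warning:" entry from an rkhunter log with the timestamp stripped.
# The "[ Warning ]" status column is ignored on purpose: the Warning: line
# that follows it is the one carrying the explanation.
rkh_warnings() {
    printf '%s\n' "$1" | sed -n 's/^\[[0-9:]*\] Warning: //p'
}

rkh_warning_count() {
    rkh_warnings "$1" | wc -l | tr -d ' '
}

# Read the real log at the article's default path when it is readable;
# otherwise fall back to the constructed sample so the parsing still runs offline.
rkh_from_log() {
    log=${1:-/var/log/rkhunter.log}
    if [ -r "$log" ]; then
        rkh_warnings "$(cat "$log")"
    else
        echo "no readable $log, using constructed sample" >&2
        rkh_warnings "$RKH_SAMPLE"
    fi
}

# Exit status 0 only when neither scanner reported anything, so the script
# can be the last step of a cron job that alerts on non-zero exit.
verdict() {
    [ "$(chk_infected "$1" | wc -l | tr -d ' ')" -eq 0 ] &&
    [ "$(rkh_warning_count "$2")" -eq 0 ]
}

# Demo run on the constructed samples.
echo "chkrootkit INFECTED:"; chk_infected "$CHK_SAMPLE" | sed 's/^/  /'
echo "rkhunter warnings:";   rkh_warnings "$RKH_SAMPLE" | sed 's/^/  /'
if verdict "$CHK_SAMPLE" "$RKH_SAMPLE"; then echo "clean"; else echo "findings present"; fi
```

On a live system you would pipe the real output in, for example `chk_infected "$(sudo chkrootkit)"` and `rkh_from_log`, and treat the verdict as a trigger for a manual look rather than as proof of compromise: chkrootkit in particular is known for false positives on some distributions' patched binaries.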

ClamAV

ClamAV is a popular anti-virus software for Linux. It is the best-known Linux anti-virus and has a GUI version designed to make detecting Trojans, viruses, malware and other threats easier. ClamAV can also be installed on Windows, BSD, Solaris and even Mac OS X. Security researcher Dejan de Lucas has a detailed tutorial on the InfoSec Resource Institute page on how to install ClamAV and how to work with its interface on the command line.

BotHunter

BotHunter is a network-based botnet diagnosis system that follows the two-way communication flows between a personal computer and the Internet. It is developed and maintained by the Computer Science Laboratory, SRI International, and is available for Linux and Unix, but they have now released a private trial version and a pre-release for Windows.

If you want to download this program you can do so from here. BotHunter's profile data is available at ~cta-bh/BotHunter/LIVEPIPE/botHunterResults.txt.

Usage example for BotHunter2Web.pl:

perl BotHunter2Web.pl [date YYYY-MM-DD] -i sampleresults.txt

avast! Linux Home Edition

avast! Linux Home Edition is an anti-virus for Linux that is offered free of charge, but only for home use, not for commercial use. It includes a command-line scanner and, in the experience of the original author, it detects some Perl IRC bots that contain malicious functions such as udpflood and tcpflood and that let their master or bot controller run arbitrary commands through Perl's system() function.

You can download this anti-virus software here.

NeoPI

NeoPI is a Python script useful for detecting obfuscated and encrypted content within text files or scripts. The purpose of NeoPI is to help detect hidden web shell code. NeoPI's development focus was to create a tool that can be used in combination with other common signature- or keyword-based detection methods. It is a cross-platform script for Windows and Linux. Not only does it help users detect possible backdoors, but also malicious scripts such as IRC botnets, UDP flood shells, vulnerable scripts and malicious tools.

To use this Python script, simply download the code from its official GitHub page and change into its directory:

git clone https://github.com/Neohapsis/NeoPI.git
cd NeoPI

Ourmon

Ourmon is an open-source Unix-based program and a common network packet sniffing tool on FreeBSD, but it can also be used for botnet detection, as Ashis Dash explains in his article 'Botnet Detection Tool: Ourmon' in Clubhack magazine (Chmag).

Grep

And last but not least, we have the grep command, a powerful command-line tool on Unix and Linux. It is used to search and test input data sets for lines matching a regular expression. In short, this tool was coded by Ken Thompson on March 3, 1973 for Unix. Today, grep is also known for detecting and searching for annoying backdoor shells and malicious scripts.

Grep can also be used to detect vulnerable scripts (for example, PHP's shell_exec function, a risky PHP function that allows remote code execution or command execution). We can use the grep command to search for shell_exec() in our /var/www directory to check for PHP files possibly vulnerable to RCE or command injection. Here is the command:

grep -Rn "shell_exec *(" /var/www

Grep is a good tool for manual detection and forensic analysis.
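The single grep above finds one function name. In practice a reviewer wants the same search for the whole family of PHP functions that hand a string to the shell or to eval, and a way to tell a hit that merely mentions the word apart from one where request data flows straight into the call. The following script is an added example, not code from the original article: it generalises the article's `grep -Rn "shell_exec *("` search to those sibling functions, runs it against a small webroot it constructs itself in a temporary directory (so it works offline; on a real host you would point it at /var/www), and ranks the hits. The file names and contents in the sample tree are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original article: the article's grep -Rn search
# for shell_exec(), generalised to the other PHP functions that execute their
# argument, run against a constructed sample webroot and ranked for review.

# Functions that execute their argument; "shell_exec *(" from the article is
# one alternative. The leading group keeps "my_system(" from matching "system(".
RISKY_RE='(^|[^A-Za-z0-9_])(shell_exec|exec|system|passthru|popen|proc_open|eval|assert) *\('

# Build a throw-away tree with three constructed PHP files.
make_sample_webroot() {
    d=$(mktemp -d "${TMPDIR:-/tmp}/webroot.XXXXXX")
    mkdir -p "$d/uploads" "$d/lib"
    # Benign: the token only appears in a comment. grep cannot tell, so this
    # is the false positive a reviewer has to clear by hand.
    printf '%s\n' '<?php' \
        '// shell_exec() is disabled on this host via disable_functions' \
        'function sanitize($s) { return htmlspecialchars($s, ENT_QUOTES); }' >"$d/lib/util.php"
    # Suspicious: request parameters flow straight into the shell / eval.
    printf '%s\n' '<?php' \
        'if (isset($_GET["c"])) { echo shell_exec($_GET["c"]); }' \
        '@eval($_POST["x"]);' >"$d/uploads/image.php"
    # Legitimate-looking use with a hard-coded argument: a hit, but lower priority.
    printf '%s\n' '<?php' \
        "system('tar czf /tmp/backup.tgz /var/www/html/data');" >"$d/lib/backup.php"
    echo "$d"
}

# The article's search (grep -Rn) with the wider pattern; --include limits
# the scan to PHP sources (GNU and BSD grep both accept it).
find_risky_calls() {
    grep -RnE --include='*.php' "$RISKY_RE" "$1"
}

# Rank hits so the reviewer reads the right ones first: a risky call on the
# same line as request data ($_GET, $_POST, ...) is the web-shell shape.
# Output is "HIGH|review  file:line", sorted so HIGH entries come first.
rank_hits() {
    find_risky_calls "$1" | awk -F: '{
        sev = ($0 ~ /\$_(GET|POST|REQUEST|COOKIE|SERVER)/) ? "HIGH" : "review"
        printf "%-7s %s:%s\n", sev, $1, $2
    }' | sort
}

# Remove the sample tree, but only if it is one we created under TMPDIR.
cleanup_sample_webroot() {
    case "$1" in
        "${TMPDIR:-/tmp}"/webroot.*) rm -rf "$1" ;;
    esac
}

# Demo run against the constructed tree (use /var/www on a real host).
WEBROOT=$(make_sample_webroot)
rank_hits "$WEBROOT"
cleanup_sample_webroot "$WEBROOT"
```

The ranking is a reading order, not a verdict: the "review" entries still have to be opened, because a hard-coded `system()` call is exactly where an attacker who controls the file would later splice in a parameter, and an obfuscated shell that builds the function name at runtime (`$f = 'sys'.'tem';`) will not match any fixed pattern at all, which is the gap NeoPI's entropy-based approach above is meant to cover.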

Source: linuxaria & Taringa


9 comments


  1.   syeda_abubakar

    About #Avast, it's fine... I installed it and it doesn't really work.
    Good article... I have to try the other tools!

  2.   LE Oripmav

    wow! good tools, but avast didn't work for me, it just slowed down the PC and took 20 min. to start

  3.   Gaius Baltar

    Well said, Pablo 😀

  4.   Omar

    Good morning,

    The article is interesting. I'm new to this subject, so I ask: in the first option you said how to install chkrootkit, and then the command to check for possible rootkits and backdoors on the system. Then what do I do? Do I delete them, cancel them, block them, and if so, how do I delete them or block them?

    Thanks

  5.   Jorge

    Good article

  6.   federico

    Hi, I'm Fede, I'm on your very useful page. Long live Linux and the free tools given freely to thousands of programmers and hackers from all over the world. Thank you LINUS TOORVALD, RICHARD STALLMAN, ERICK RAIMOND and many others, see you later and forgive the errors in the names, THANK YOU.

  7.   acm1pt

    I don't understand a fucking thing!

    1.    magana

      Look, I don't understand much either, but one of the comments said it's good. Clam av, not to mention that it has a tutorial. XD

  8.   Elmar Stellnberger

    debcheckroot (https://www.elstel.org/debcheckroot/) from elstel.org is missing from this list. It is currently the best tool out there for spotting rootkits. Most programs like rkhunter and chkrootkit can no longer detect a rootkit as soon as it has been modified slightly. debcheckroot is different. It compares the sha256sum of every installed file against the package header.