The Rootkit Hunter project

Rootkit Hunter announces final release 1.3.4

The Rootkit Hunter project is pleased to announce the release of version 1.3.4

The change log lists 4 additions, 8 changes and 9 bugfixes. Naming a few:

• Added IntoXonia-NG rootkit check.
• Added Phalanx2 rootkit check.
• Added support for TCB shadow files.
• The '--propupd' option can now take an optional file, directory or package name after it.
• Revised file properties inode check.
• Tests against the SSH configuration file now accept the key/value pair.
• Improved the O/S name detection.
• The Linux 'os_specific' test has now been split into two separate tests.
• Improved ALLOWPROCDELFILE configuration option.
• Improved hidden files and directories check.
• The DBDIR directory can now be read-only, after installation.
• Improved debug file option.
• The system startup file and directory tests have now been merged.

Thanks to John Horne and all contributors who made this release possible by providing code, submitting ideas, bugs, fixes, documentation, helping out on the rkhunter-users mailing list and promoting Rootkit Hunter.

If you decide to give RKH 1.3.4 a go please:

1. consult the off/online FAQ first and then
2. the rkhunter mailing list archives and Wiki.

If your problem is not handled in the FAQ or the rkhunter-users mailing list archives, please join (subscribe) the list and ask!

About the project 

Earlier in 2006 the Rootkit Hunter initiator and developer Michael Boelen agreed to hand over development. The team has been releasing Rootkit Hunter since version 1.2.9.

If you would like to:
• ask questions about usage or scan results: please see above and then join the rkhunter-users mailinglist.
• be notified about upcoming releases: please join the rkhunter-announce mailinglist.
• report downstream (maintainer) changes, supply a patch or release hashes or report a bug: please use our SF tracker (preferred) or the rkhunter-users mailinglist.