Tiger – Rootkit Checker for Linux

0
2039

There’s a really popular myth going all around that Linux is not vulnerable to the virus. The claim is true to a certain extent. Obviously, Linux has a fewer enemy than the so-popular Windows OS. There’s no system in the world that’s not prone to malware attacks.

Rootkits are one of the nastiest malware that hides in the system without any detection and gains unauthorized access over the system to perform a wide range of illegal acts. Good computer usage habit should be enough to protect you against most of the threats. However, if you suspect that your computer is under the control of a rootkit, it’s time to finish it.

Let’s get started with Tiger rootkit scanner.

Installing Tiger

Tiger isn’t a part of the default Linux packages. Run the following command(s) according to your own Linux distro.

  • Ubuntu
sudo apt install tiger

  • Debian
sudo apt-get install tiger
  • Arch Linux
sudo pacman -S git base-devel
git clone https://aur.archlinux.org/tiger.git

cd tiger
makepkg -sri
  • Generic Linux instruction

Grab Tiger –

git clone https://git.savannah.nongnu.org/git/tiger.git

Install Tiger –

cd tiger/
sudo ./install.sh

Checking for rootkits

Tiger doesn’t offer much customizability, for example, running the “rootkit scan” only. It will perform all of its tasks on the whole system.

Run Tiger –

sudo tiger

Once the process is complete, it will show the report log location.

Reviewing the Tiger report

Review the Tiger report –

sudo -s
cat /var/log/tiger/security.report.xxx.xxx-xx:xx

What to do if any rootkit found

The report will notify you where the rootkit is present. Depending on the condition, you should perform a clean re-install of your system. This will allow you to have a clear system without any rootkits. Learn more about installing Ubuntu MATE or Ubuntu.

LEAVE A REPLY

Please enter your comment!
Please enter your name here