There’s a really popular myth going all around that Linux is not vulnerable to the virus. The claim is true to a certain extent. Obviously, Linux has a fewer enemy than the so-popular Windows OS. There’s no system in the world that’s not prone to malware attacks.
Rootkits are one of the nastiest malware that hides in the system without any detection and gains unauthorized access over the system to perform a wide range of illegal acts. Good computer usage habit should be enough to protect you against most of the threats. However, if you suspect that your computer is under the control of a rootkit, it’s time to finish it.
Let’s get started with Tiger rootkit scanner.
Tiger isn’t a part of the default Linux packages. Run the following command(s) according to your own Linux distro.
sudo apt install tiger
sudo apt-get install tiger
- Arch Linux
sudo pacman -S git base-devel git clone https://aur.archlinux.org/tiger.git cd tiger makepkg -sri
- Generic Linux instruction
Grab Tiger –
git clone https://git.savannah.nongnu.org/git/tiger.git
Install Tiger –
cd tiger/ sudo ./install.sh
Checking for rootkits
Tiger doesn’t offer much customizability, for example, running the “rootkit scan” only. It will perform all of its tasks on the whole system.
Run Tiger –
Once the process is complete, it will show the report log location.
Reviewing the Tiger report
Review the Tiger report –
sudo -s cat /var/log/tiger/security.report.xxx.xxx-xx:xx
What to do if any rootkit found
The report will notify you where the rootkit is present. Depending on the condition, you should perform a clean re-install of your system. This will allow you to have a clear system without any rootkits. Learn more about installing Ubuntu MATE or Ubuntu.