Rootkit detector for Arch Linux on PinePhone


Rootkit detector for Arch Linux on PinePhone - tk1107 - 12-19-2021

I have been using "chkrootkit" on my Ubuntu desktop for a while. I saw that it was available for Arch Linux desktop, but not for Arch Linux for PinePhone. When I tried "sudo pacman -S chkrootkit" an error message appeared and said that it was not found. I didn't see it on the Arch Linux wiki or on chkrootkit.org for "ARM". Is there a recommendation for something similar?


RE: Rootkit detector for Arch Linux on PinePhone - ryo - 12-20-2021

I suggest you install from AUR.
If all else fails, compile it from source.

Also, "chkrootkit.org" seems to be down on my end.


RE: Rootkit detector for Arch Linux on PinePhone - RTP - 12-20-2021

(12-19-2021, 05:04 PM)tk1107 Wrote: I have been using "chkrootkit" on my Ubuntu desktop for a while. I saw that it was available for Arch Linux desktop, but not for Arch Linux for PinePhone. When I tried "sudo pacman -S chkrootkit" an error message appeared and said that it was not found. I didn't see it on the Arch Linux wiki or on chkrootkit.org for "ARM". Is there a recommendation for something similar?

Another option (for pacman) is to add blackarch sources to DanctNIX Arch... adds access to a great deal of security tools including chkrootkit, unhide (forensic tool to "unhide" processes in rootkits), rkhunter, tiger..

When adding blackarch sources, you can select to add all, or just a category of interest. Personally I added for the great range of radio tools.

As the other reply mentioned you could also build from source/AUR it, as is many times suggested.


RE: Rootkit detector for Arch Linux on PinePhone - tk1107 - 12-21-2021

(12-20-2021, 07:33 AM)ryo Wrote: I suggest you install from AUR.
If all else fails, compile it from source.

Also, "chkrootkit.org" seems to be down on my end.

I'm new to Arch Linux, but I have heard of AUR. Is there a step by step example of how to get set up and download from AUR?


RE: Rootkit detector for Arch Linux on PinePhone - tk1107 - 12-21-2021

(12-20-2021, 02:38 PM)RTP Wrote:
(12-19-2021, 05:04 PM)tk1107 Wrote: I have been using "chkrootkit" on my Ubuntu desktop for a while. I saw that it was available for Arch Linux desktop, but not for Arch Linux for PinePhone. When I tried "sudo pacman -S chkrootkit" an error message appeared and said that it was not found. I didn't see it on the Arch Linux wiki or on chkrootkit.org for "ARM". Is there a recommendation for something similar?

Another option (for pacman) is to add blackarch sources to DanctNIX Arch... adds access to a great deal of security tools including chkrootkit, unhide (forensic tool to "unhide" processes in rootkits), rkhunter, tiger..

When adding blackarch sources, you can select to add all, or just a category of interest. Personally I added for the great range of radio tools.

As the other reply mentioned you could also build from source/AUR it, as is many times suggested.

Thanks for the link. I didn't know about BlackArch. I saw chkrootkit and other defensive tools there. Thanks very much.


RE: Rootkit detector for Arch Linux on PinePhone - tk1107 - 12-21-2021

(12-20-2021, 07:33 AM)ryo Wrote: I suggest you install from AUR.
If all else fails, compile it from source.

Also, "chkrootkit.org" seems to be down on my end.

ryo: I found a link at:

https://linuxhint.com/aur_arch_linux/

I can try this and see what happens.


RE: Rootkit detector for Arch Linux on PinePhone - ryo - 12-22-2021

(12-21-2021, 03:21 PM)tk1107 Wrote:
(12-20-2021, 07:33 AM)ryo Wrote: I suggest you install from AUR.
If all else fails, compile it from source.

Also, "chkrootkit.org" seems to be down on my end.

ryo: I found a link at:

https://linuxhint.com/aur_arch_linux/

I can try this and see what happens.

I recommend you skip to the "yay" part, it's an AUR helper, so it can automate the whole thing for you.


RE: Rootkit detector for Arch Linux on PinePhone - tk1107 - 12-22-2021

(12-22-2021, 09:38 AM)ryo Wrote:
(12-21-2021, 03:21 PM)tk1107 Wrote:
(12-20-2021, 07:33 AM)ryo Wrote: I suggest you install from AUR.
If all else fails, compile it from source.

Also, "chkrootkit.org" seems to be down on my end.

ryo: I found a link at:

https://linuxhint.com/aur_arch_linux/

I can try this and see what happens.

I recommend you skip to the "yay" part, it's an AUR helper, so it can automate the whole thing for you.

Ok. Thanks for the tip.


RE: Rootkit detector for Arch Linux on PinePhone - tk1107 - 12-29-2021

(12-20-2021, 07:33 AM)ryo Wrote: I suggest you install from AUR.
If all else fails, compile it from source.

Also, "chkrootkit.org" seems to be down on my end.

ryo:

What method have you used to install from AUR on Arch ARM? Do you have any of the "helpers" like "yay" working?


RE: Rootkit detector for Arch Linux on PinePhone - tk1107 - 12-31-2021

Ok. I understand "yay" now. Installing "yay" is very easy and helps to install "pamac". I was testing "pamac" and used it to look at "rkhunter" (a rootkit hunter) in the AUR. It works nice on PinePhone. The Arch ARM terminal is the nicest I've seen so far. The wiki on rkhunter is below:

https://wiki.archlinux.org/title/Rkhunter

The wiki describes whitelisting to help with false positives. PinePhone has the "nano" editor that can help with this.

Thanks for the advice about yay. I've used it, too, for things, and it is impressive.
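
Added example, not part of any post in this thread: AUR packages are user-submitted build scripts, so whether you build by hand or through a helper, it is worth reading the PKGBUILD first and checking whether it declares the phone's architecture (`uname -m` reports `aarch64` on the PinePhone). The function names and the sample PKGBUILD below are constructed for illustration; `<pkg>` is a placeholder.

```sh
#!/bin/sh
# Added example (not from the thread): inspect an AUR PKGBUILD before building.

# List the architectures a PKGBUILD declares, by text matching only.
# The file is never sourced, because sourcing it would execute it.
pkgbuild_arches() {
    sed -n 's/^arch=(\(.*\))/\1/p' "$1" | tr -d "'\"" | tr -s ' ' '\n' | sed '/^$/d'
}

# Succeed if the PKGBUILD lists the given architecture or 'any'.
pkgbuild_supports() {
    pkgbuild_arches "$1" | grep -qxF -e "$2" -e any
}

# Print numbered lines that deserve a close read: skipped checksums,
# extra downloads, privilege changes, encoded or evaluated strings.
pkgbuild_review_hints() {
    grep -nE "SKIP|curl|wget|sudo|base64|eval" "$1" || true
}

# Print the makepkg command that fits this PKGBUILD on this architecture.
# --ignorearch only bypasses the arch check; the build itself can still fail.
build_command() {
    if pkgbuild_supports "$1" "$2"; then
        echo "makepkg -si"
    else
        echo "makepkg -si --ignorearch"
    fi
}

# Constructed sample PKGBUILD (not the real chkrootkit package).
sample_pkgbuild() {
    cat <<'EOF'
pkgname=example-scanner
pkgver=1.0
arch=('x86_64' 'i686')
source=("https://example.invalid/example-scanner-$pkgver.tar.gz")
sha256sums=('SKIP')
build() {
  make
}
EOF
}

# Demo on the sample. For a real package, first run (placeholder <pkg>):
#   git clone https://aur.archlinux.org/<pkg>.git && cd <pkg>
demo_file=$(mktemp)
sample_pkgbuild > "$demo_file"
pkgbuild_review_hints "$demo_file"
build_command "$demo_file" "$(uname -m)"
```

A `SKIP` checksum means makepkg will not verify the downloaded source, which matters more than usual for a tool whose job is to detect tampering.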