Where to find rootkits for testing intrusion-detection systems

I'm trying to test our HIDS implementation and want to see IDS responses to a server compromise and a rootkit install.

Is there somewhere I can download one of the latest rootkits such as t0rn, tuxkit, etc. so I can install it on a lab server for testing purposes? I also want to test chkrootkit scripts to verify effectiveness. I've looked all over and can't seem to find a place to download them.

There are several ways to find the rootkits you desire. Since I am not use to providing URLs for hacking sites, I will defer, but instead offer the following: Try google.com or other search engines. After I checked, there seems to be a good amount of information and links that can help you.

I will also suggest you check your local ISSA (www.isc2.org) or FBI Infragard (www.infragard.com). Both sources can help with your legitimate request.

For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Hacker tools and utilities
Best Web Links: Network assessment

This was first published in September 2002

Dig deeper on Network Intrusion Detection (IDS)



Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: