Ask the Expert

Where to find rootkits for testing intrusion-detection systems

I'm trying to test our HIDS implementation and want to see IDS responses to a server compromise and a rootkit install. Is there somewhere I can download one of the latest rootkits such as t0rn, tuxkit, etc. so I can install it on a lab server for testing purposes? I also want to test chkrootkit scripts to verify effectiveness. I've looked all over and can't seem to find a place to download them.

    Requires Free Membership to View

There are several ways to find the rootkits you desire. Since I am not use to providing URLs for hacking sites, I will defer, but instead offer the following: Try or other search engines. After I checked, there seems to be a good amount of information and links that can help you.

I will also suggest you check your local ISSA ( or FBI Infragard ( Both sources can help with your legitimate request.

For more information on this topic, visit these other resources:
Best Web Links: Hacker tools and utilities
Best Web Links: Network assessment

This was first published in September 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: