Problem solve Get help with specific problems with your technologies, process and projects.

Where to find rootkits for testing intrusion-detection systems

I'm trying to test our HIDS implementation and want to see IDS responses to a server compromise and a rootkit install....

Is there somewhere I can download one of the latest rootkits such as t0rn, tuxkit, etc. so I can install it on a lab server for testing purposes? I also want to test chkrootkit scripts to verify effectiveness. I've looked all over and can't seem to find a place to download them.

There are several ways to find the rootkits you desire. Since I am not use to providing URLs for hacking sites, I will defer, but instead offer the following: Try google.com or other search engines. After I checked, there seems to be a good amount of information and links that can help you.

I will also suggest you check your local ISSA (www.isc2.org) or FBI Infragard (www.infragard.com). Both sources can help with your legitimate request.

For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Hacker tools and utilities
Best Web Links: Network assessment

This was last published in September 2002

Dig Deeper on Network intrusion detection and prevention (IDS-IPS)

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.