I'm trying to test our HIDS implementation and want to see IDS responses to a server compromise and a rootkit install....
Is there somewhere I can download one of the latest rootkits such as t0rn, tuxkit, etc. so I can install it on a lab server for testing purposes? I also want to test chkrootkit scripts to verify effectiveness. I've looked all over and can't seem to find a place to download them.
There are several ways to find the rootkits you desire. Since I am not use to providing URLs for hacking sites, I will defer, but instead offer the following: Try google.com or other search engines. After I checked, there seems to be a good amount of information and links that can help you.
I will also suggest you check your local ISSA (www.isc2.org) or FBI Infragard (www.infragard.com). Both sources can help with your legitimate request.
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Hacker tools and utilities
Best Web Links: Network assessment
Dig Deeper on Network intrusion detection and prevention (IDS-IPS)
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.