On the other hand, your system could be compromised, so if you haven't upgraded or manually modified the system, the FIC can give evidence of changes.
For example, grsecurity/PaX or SELinux add this feature to GNU/Linux (by patching the kernel).
File Integrity Checkers (FIC)
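How a file integrity checker gives evidence of changes, as an added example (not code from the original post or from any particular FIC tool): it records a baseline of hashes and ownership/permission data while the system is trusted, then compares the current state against it. The function names `snapshot`, `compare` and `demo` and the sample tree are made up for the illustration.

```python
import hashlib, os, stat, tempfile
from pathlib import Path

def snapshot(root):
    """Map each file under root to (sha256 or link target, mode, uid, gid)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)                      # lstat: never follow symlinks
            if stat.S_ISLNK(st.st_mode):
                digest = "link:" + os.readlink(path)
            elif stat.S_ISREG(st.st_mode):           # whole-file read: fine for a demo
                digest = hashlib.sha256(Path(path).read_bytes()).hexdigest()
            else:
                continue                             # skip sockets, FIFOs, devices
            rel = os.path.relpath(path, root)
            state[rel] = (digest, stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid)
    return state

def compare(baseline, current):
    """Report what differs between the trusted baseline and the current state."""
    report = {"added": sorted(current.keys() - baseline.keys()),
              "removed": sorted(baseline.keys() - current.keys()),
              "content": [], "metadata": []}
    for path in sorted(baseline.keys() & current.keys()):
        if baseline[path][0] != current[path][0]:
            report["content"].append(path)           # bytes changed
        elif baseline[path][1:] != current[path][1:]:
            report["metadata"].append(path)          # same bytes, new mode/owner
    return report

def demo():
    """Constructed sample tree: baseline it, change it, then check it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        files = {"bin/ls": b"ls-v1", "bin/ps": b"ps-v1", "etc/motd": b"hello"}
        for rel, data in files.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_bytes(data)
            (root / rel).chmod(0o755)
        baseline = snapshot(root)                    # taken while the system is trusted
        (root / "bin/ps").write_bytes(b"ps-v2")      # same size, different content
        (root / "bin/ls").chmod(0o777)               # permissions loosened only
        (root / "etc/motd").unlink()                 # file removed
        (root / "bin/.x").write_bytes(b"new")        # file added
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

The baseline is only useful if it is stored where an intruder cannot rewrite it, and it has to be retaken after every legitimate upgrade, otherwise the upgrade itself shows up as a change.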
What are rootkits?
A good starting point for defining what "rootkits" are is Wikipedia. It describes them as follows: "A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. The term rootkit is a concatenation of 'root' (the traditional name of the privileged account on Unix operating systems) and the word 'kit' (which refers to the software components that implement the tool). The term 'rootkit' has negative connotations through its association with malware."
In other words, a rootkit is software that allows someone to control or have privileges on your system, and you (the administrator) don't know about it. It's a terrible thing!
Think for a minute about how many crazy people are out there: software pirates, black hats, IRC bot installers, script kiddies, etc.
All of these people can use your system for bad purposes, and you'll pay for it if they do illegal things.
What do we need to do? There are some tools called "rootkit revealers". In the second part of this article I'll explain how to use them. But remember, the first rule is: be "proactive" and harden your system!
So GNU/Linux has many antivirus tools to detect viruses and block them! In the second part I'll talk about them.
Last update: 7 Dec 2010
Digital Patch Posts by Angelo F. are licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 Unported License.
Based on a work at digitalpatch.blogspot.com.