Tools compared: Malware scanners

Finding the right tool for the job can be difficult task. This sheet compares chkrootkit, ClamAV, LMD and Rootkit Hunter.

Tool comparison: chkrootkit, ClamAV, LMD and Rootkit Hunter
chkrootkitClamAVLMDRootkit Hunter
Description

chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.

ClamAV is an open source antivirus engine. It can detect malicious software (malware) like trojans, viruses, backdoors and other related threats.

Linux Malware Detect (LMD) is a malware scanner for systems running Linux. The open source software project is released with the GPLv2 license.

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix

Dependencies
Strenghts

Used language is shell script, Project is mature (10+ years)

Many maintainers, The source code of this software is available

The source code of this software is available

Used language is shell script, Project is mature (10+ years), The source code of this software is available

Weaknesses

Long time between releases

Programming language(s)

C, Shell script

C

Shell script

Shell script

Last release

0.52 (2017-03-15)

clamav-0.102.0-beta (2019-08-02)

1.6.4 (2019-04-15)

1.4.4 (2017-06-29)

Tool page (last updated)

2018-04-29

2019-08-06

2019-07-14

2018-06-24

Tool score

59

100

96

59

Download

Download

Download

Download

Download

More information

chkrootkit review

ClamAV review

LMD review

Rootkit Hunter review