Backup & Recovery

By admin, 12 April, 2025

Storage Check and Recovery

There are two powerful available rescue utilities from cgsecurity:

TestDisk: checks the partition and boot sectors of your disks. It is very useful in forensics, recovering lost partitions.

PhotoRec: a file data recovery software designed to recover lost files including video, documents and archives from hard disks, CD-ROMs, and lost pictures (thus the Photo Recovery name) from digital camera memory. PhotoRec ignores the file system and goes after the underlying data, so it will still work even if your media's file system has been severely damaged or reformatted.

Secure Delete Right Click Menu

This option has ability in three different levels to wipe data to prevent others to recover deleted files after using the secure-delete command.

  1. Installing secure-delete with Administration Privilege
  2. Downloading Secure Delete Extension for Dolphin File Manager

Chkrootkit Scanner

The chkrootkit security scanner searches the local system for signs that it is infected with a 'rootkit'. Rootkits are set of programs and hacks designed to take control of a target machine by using known security flaws.

  • chkrootkit: a shell script that checks system binaries for rootkit modification.
  • ifpromisc.c: checks if the network interface is in promiscuous mode.
  • chklastlog.c: checks for lastlog deletions.
  • chkwtmp.c: checks for wtmp deletions.
  • check_wtmpx.c: checks for wtmpx deletions. (Solaris only)
  • chkproc.c: checks for signs of LKM trojans.
  • chkdirs.c: checks for signs of LKM trojans.
  • strings.c: quick and dirty strings replacement.
  • chkutmp.c: checks for utmp deletions.

chkwtmp and chklastlog *try* to check for deleted entries in the wtmp and lastlog files, but it is *not* guaranteed that any modification will be detected.

Aliens tries to find sniffer logs and rootkit config files. It looks for some default file locations -- so it is also not guaranteed it will succeed in all cases.

chkproc checks if /proc entries are hidden from ps and the readdir system call. This could be the indication of a LKM trojan. You can also run this command with the -v option (verbose).

Rootkits, Worms and LKMs detected

For an updated list of rootkits, worms and LKMs detected by chkrootkit please visit: http://www.chkrootkit.org/

Affiliates | Club Cards | Privacy Policy | Refund Policy | Terms of Use | Hiring!

Copyright © Pars Enterprise LTD №10852239 Registered in England & Wales by Its Respective Founder & Director, All rights reserved.
2nd Floor, College House, 17 King Edwards Road, Ruislip, London HA4 7AE

DMCA.com Protection Status

                 

USDT ERC20-Compatible Web3 Technology Seamlessly

USDC-BTC-BCH-LTC-ETH-XAUT-SOL-TRX-TRC20-BNB-Dash-Doge


Pars Enterprise®, as well as any other Pars Enterprise service or product names or logos displayed on the Pars Enterprise website, are registered trademarks or trademarks of Pars Enterprise, LTD. (also referred to as ParsEnterprise). The names and logos of third party products and companies shown on the website and used in the materials are the property of their respective owners and may also be trademarks. When you use the Pars Enterprise website, you agree to be bound by the Terms of Use.