The /dev directory is the one most used by "crackers" to hide their rootkits
and backdoors. If you look in our rootkit database
you will see how many entries /dev has. This happens because /dev
is very large and most administrators don't know which files are supposed
to be there.
Here are some rules about /dev:

  • Inside /dev, all files must be devices. If you find
    any file that is not a device (or a directory), look carefully at it.

  • The only allowed files inside the /dev/ are the MAKEDEV and the

    $RootCheck: dev.php ,v 1.0 2003/10/20, Daniel B. Cid$
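
A shell sketch of the first rule above, added here as an example and not taken from rootcheck itself. The function name dev_audit, the output format, and the choices to skip symlinks and other mounted filesystems are assumptions. It exempts only MAKEDEV, the one allowed name the page gives.

```sh
#!/bin/sh
# dev_audit [DIR]: report entries under DIR (default /dev) that are neither
# devices nor directories. Prints "<kind><TAB><path>" for each finding.
# Exit status: 0 = nothing to review, 1 = at least one finding.
dev_audit() {
    dir=${1:-/dev}
    dir=${dir%/}
    # -xdev      stay on DIR's own filesystem (assumption: /dev/shm and
    #            similar tmpfs mounts legitimately hold regular files)
    # ! -type l  assumption: symlinks are not reported, because
    #            udev/devtmpfs create many of them in /dev
    # ! -path    MAKEDEV directly inside DIR is the only exemption
    hits=$(find "$dir" -xdev ! -type b ! -type c ! -type d ! -type l \
                ! -path "$dir/MAKEDEV" -exec sh -c '
        for p do
            if   [ -f "$p" ]; then kind=file
            elif [ -p "$p" ]; then kind=fifo
            elif [ -S "$p" ]; then kind=socket
            else                   kind=other
            fi
            printf "%s\t%s\n" "$kind" "$p"
        done' sh {} +)
    if [ -z "$hits" ]; then
        return 0
    fi
    printf '%s\n' "$hits"
    return 1
}
```

Run it as dev_audit /dev, as root so that find can read every subdirectory. Each line it prints is an entry to look at carefully, not proof of compromise.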