The purpose of this article is to provide instructions on how to use the ATTK for Linux.
ATTK is a tool that can be used to scan and collect system information and suspicious files from a system suspected to be infected/compromised. This information is used by your support engineer and the Antimalware Team to review and attempt to identify the suspicious process(es) and/or file(s).
Download the ATTK tool for your machine from the link provided by support:
- ATTK CLI (Linux) - This tool is the command-line/console-only version.
- ATTK TUI (Linux) - This tool will create a graphical user interface in the console.
- ATTK TUI (Solaris) - This tool will create a graphical user interface in the console.
- Mark the binary file as executable:
sudo chmod +x attk_linux_cli_xxx.bin
- Run ATTK for Linux:
sudo ./attk_linux_cli_xxx.bin
Or, after switching to root with su:
./attk_linux_cli_xxx.bin
- Accept the License Agreement:
> ENTER
ATTK will scan the machine.
- Collect the generated zip file to upload to your support engineer for analysis.
It will be in the same folder that you ran ATTK from. Use a tool like WinSCP to copy it off the machine if needed.