The application was primarily designed to detect rootkits on Linux, Sun and IBM servers; the asset-based concept was added afterwards, and that is how the application took its present design.

The application flows as follows. A consultant or administrator first creates a client portfolio, defining the client id, the client's name, the client's OS and the scanning duration (Monthly, Quarterly or Yearly). These details are saved into a client database that lists all clients, and a file system for that particular client is created as a folder named with the client id defined earlier, where all of that client's data and databases are stored. As soon as the client's portfolio is ready, the consultant can log in to the client's workspace using the client id.

The tasks from there are: the consultant has to define the assets that should remain unmodified on the servers. The Add Asset option allows assets to be added with an id and a priority. Once the assets are defined, the consultant can select the option to create the critical database; as soon as that option is selected, the tool creates a database of all the critical assets defined earlier. The database file has the attributes binary id, binary name, binary checksum and the date the asset was added. Up to this point it is a one-time task, where the consultant goes to the client and builds the critical file database.

To scan the system for infection, the user selects the Start Scan option, and all assets of that particular client are verified against the database created earlier, so the integrity check is based on the checksums. Once the scan is over, it displays any infections found. The user can then select the Report option, which displays the details of every infection identified, essentially the file creation, access and modification dates, since these can be used in incident reporting and forensic investigations.

The user can also schedule the scan (automated), defining the exact time at which it runs on a daily basis.
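The baseline-and-scan flow described above, as an added example written for this page rather than the project's own code: it builds the critical-asset database inside a client folder, re-checks each asset's checksum on scan, and reports modified or missing assets with their timestamps. The JSON file name, the use of SHA-256 and the three constructed sample files are assumptions.

```python
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

def checksum(path):
    # SHA-256 is an assumption; the page only says "checksum".
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def create_critical_database(client_dir, assets):
    """One-time baseline: id, name, priority, checksum and date added per asset,
    saved in the client's own folder. assets = [(asset_id, path, priority), ...]"""
    records = [{"id": aid, "name": path, "priority": prio, "checksum": checksum(path),
                "added": datetime.now(timezone.utc).isoformat()} for aid, path, prio in assets]
    db_path = os.path.join(client_dir, "critical_db.json")  # file name is an assumption
    with open(db_path, "w") as f:
        json.dump(records, f)
    return db_path

def scan(db_path):
    """Re-hash every asset; report missing/modified ones with ctime/atime/mtime for the report."""
    with open(db_path) as f:
        baseline = json.load(f)
    findings = []
    for rec in baseline:
        if not os.path.exists(rec["name"]):
            findings.append({**rec, "status": "missing"})
            continue
        current = checksum(rec["name"])
        if current != rec["checksum"]:
            st = os.stat(rec["name"])
            times = {k: datetime.fromtimestamp(getattr(st, "st_" + k), timezone.utc).isoformat()
                     for k in ("ctime", "atime", "mtime")}
            findings.append({**rec, "status": "modified", "current_checksum": current, **times})
    return findings

def demo():
    # Constructed run: three fake binaries are baselined, then one is altered and one deleted.
    with tempfile.TemporaryDirectory() as client_dir:  # stands in for the client-id folder
        paths = [os.path.join(client_dir, n) for n in ("ls", "ps", "netstat")]
        for p in paths:
            with open(p, "w") as f:
                f.write("original contents of " + os.path.basename(p))
        db = create_critical_database(client_dir, [(i + 1, p, "high") for i, p in enumerate(paths)])
        with open(paths[1], "a") as f:  # simulate a tampered ps binary
            f.write("\nextra bytes")
        os.remove(paths[2])  # simulate a deleted netstat binary
        return scan(db)
```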