Date: Thu, 13 Feb 2003 02:39:04 -0500 From: Todd Zimmermann <t.zim@att.net> To: freebsd-questions@freebsd.org Subject: chkrootkit on 5.0-release... false positive? Message-ID: <3E4B4B98.30300@att.net>
next in thread | raw e-mail | index | archive | help
Was wondering if anyone else has gotten positives on a rather vague lkm trojan when running chkrootkit on 5.0-release p1 ? I ran it occasionally on 4.7 stable and it never found anything. It's reporting chfn, chsh, date, ls, and ps as infected and a possible lkm trojan being loaded, plus 8-12 processes hidden from ps. Thinking its probably just the port not being in sync with the new release but being a believer in paranoia... Any feedback would be appreciated. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E4B4B98.30300>