Jason Montleon wrote:
I caught output of my virusscan stating that /sbin/ethtool was a trojan or
variant Linux/Exploit last night after updating to the new DAT files. By
default the virus scan moves the files to a folder I've specified, so I
double checked that /sbin/ethtool did in fact no longer exist, downloaded
the (presumably clean RPM from
http://download.fedora.us/fedora/fedora/1/i386/RPMS.os/, (couldn't find and
md5sum for the rpm to compare against; perhaps just didnt try hard enough)
rpm --force -ivh ethtool* and this is what I got:
[root@xxx sbin]# /opt/mcafee/uvscan /sbin/ethtool
/sbin/ethtool
Found trojan or variant Linux/Exploit !!!
Please send a copy of the file to Network Associates
I have ethtool-1.6-2 from RedHat's Fedora repository, and it scans clean
with f-prot. Without going to fedora.us repository to compare, I would
say it must be different, as this rpm goes into /usr/sbin/ethtool, not
/sbin/ethtool.
--
--------------------------------------------------------
"Oh scholar, if your scholarship benefits not Mankind,
you deserve not admiration but contempt." -- Kahlil Gibran
