RE: Test with Chkrootkit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 2004-07-25 at 20:57, John Dangler wrote:
> [snip] 
> 
> >There is a known problem with some versions of chkrootkit on Fedora.  It
> >wrongly identifies a number of processes as hidden.
> 
> That's why I just installed the latest version before making the comment.
> 
> >The original poster reported that the latest version from the chkrootkit
> >site no longer has this problem.  
> 
> If the "latest version" is .43, and the kernel is the latest 2.6.6, then it
> still has the problem.

The original poster was reporting that ls was infected along with hidden
processes.  

I thought he had indicated that a newer version resolved all the issues
but maybe it just resolves the ls issue.  Plus I believe he pulled the
sources for chkrootkit from the web site not the RPM that is available.

The hidden process problem may not be fixed and from reading some
additional postings on the subject it may not be fixable.  Seems there
may be a race condition in chkrootkit looking for hidden processes.  
-- 
Scot L. Harris
webid@xxxxxxxxxx

Fortune's Office Door Sign of the Week:

	Incorrigible punster -- Do not incorrige. 



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux