On 09/26/2010 01:52 PM, JD wrote: > > On 09/25/2010 10:42 PM, Ed Greshko wrote: >> On 09/26/2010 12:54 PM, JD wrote: >>> Well,if my machine was rooted, and I have a firewall that >>> drops ALL incoming requests, then how was it rooted if not >>> through some package or through the kernel itself? >> I would suggest folks take a step back and do some research on "lkm >> false positive" before jumping to a conclusion that they have a problem. >> > Well, ... before jumping to conclusion that who has a problem? > rkhunter or chkrootkit? I assume you mean rkhunter?? > If so, I tend to agree. I saw a lot of google hits reporting > false positives by chkrootkit. > Any of these "detection applications" can report false positives. Which is why they report "your system *may* be infected" or "*Possible* XXX installed...". My message is simple. If you run these apps and they say you may be infected...don't jump to a conclusion and nuke your system. -- Dreams are free, but there's a small charge for alterations. 葛斯克 愛德 華 / 台北市八德路四段
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
