[SLE] rootkit infection in SuSE 9.1?

• Previous message: Matthew: "Re: [SLE] subfs & Doug's ranting"
• Next in thread: Scott Leighton: "Re: [SLE] rootkit infection in SuSE 9.1?"
• Reply: Scott Leighton: "Re: [SLE] rootkit infection in SuSE 9.1?"
• Reply: Mark Crean: "Re: [SLE] rootkit infection in SuSE 9.1?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: SuSE Linux English <suse-linux-e@suse.com>
Date: Mon, 7 Jun 2004 23:39:43 -0500

Hi everybody.

I happen to run checkrootkit on my Linux boxes periodically.
Today was my first time on SuSE9.1. I noticed that chkrootkit-0.43 claims
that both /usr/bin/top and /usr/bin/find are infected with rootkits.

As a precaution, I've reinstalled the packages for procps (contains top,)and
 findutils (contains find) from the distribution DVD, but get the same
result.

I got the chkrootkit off of www.chkrootkit.org and verified the md5 checksum
of the 0.43 tarball.

I assume that chkrootkit-0.43 isn't up to date enough to produce a correct
reading. Am I safe in this assumption? Perhaps I'm way off here. If so,
can anyone set me straight?

Thanks in advance.

-- 
JAY VOLLMER
JVOLLMER@CONSOLIDATEDLINT.COM
TEXT REFS DOUBLEPLUSUNGOOD SELFTHINK VERGING CRIMETHINK IGNORE FULLWISE
-- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com

• Previous message: Matthew: "Re: [SLE] subfs & Doug's ranting"
• Next in thread: Scott Leighton: "Re: [SLE] rootkit infection in SuSE 9.1?"
• Reply: Scott Leighton: "Re: [SLE] rootkit infection in SuSE 9.1?"
• Reply: Mark Crean: "Re: [SLE] rootkit infection in SuSE 9.1?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]