/usr/local/sbin/chkrootkit - INFECTED

From: Tommy K <tommy(at)berlin.homeunix.com>
Date: Fri, 2 Jul 2004 14:27:50 +0200

Ich hab grade mal an dem Authore geschrieben vom chkrootkit,
hab die Mail hier mal geforwordet. :-)

Ignoriert mein english einfach... :-)

Tommy

----- Forwarded message from Nelson Murilo <nelson(at)pangeia.com.br> -----

Delivered-To: tommy(at)berlin.homeunix.com
Date: Fri, 2 Jul 2004 09:16:23 -0300
From: Nelson Murilo <nelson(at)pangeia.com.br>
To: Tommy K <tommy(at)berlin.homeunix.com>
Subject: Re: chkrootkit > FreeBSD-4.10-p2
In-Reply-To: <20040702112050.GC1093(at)berlin.homeunix.com>
User-Agent: Mutt/1.4i

On Fri, Jul 02, 2004 at 01:20:50PM +0200, Tommy K wrote:
> Hello,
>
> i have tested chkrootkit on many FreeBSD 4.10** maschines and all of the
> tested machines have the same INFECTED things.
>
> I think that is a bug in chkrootkit
>
> <snip>

Yes, you right.

I will fix it in the next version.

Thanks a lot for you bug report and interest in chkrootkit,

./nelson -murilo

> # chkrootkit
> ROOTDIR is `/'
> Checking `amd'... not infected
> Checking `basename'... not infected
> Checking `biff'... not infected
> Checking `chfn'... INFECTED
> Checking `chsh'... INFECTED
> Checking `cron'... not infected
> Checking `date'... INFECTED
> Checking `du'... not infected
> Checking `dirname'... not infected
> Checking `echo'... not infected
> Checking `egrep'... not infected
> Checking `env'... not infected
> </snip>
>
> Hopefully it could help you!
>
> Regards Tommy
>
> --
> Das B?ro am Draht GmbH | Bl?cherstra?e 22 | D-10961 Berlin
> http://www.dasburo.com | http://tom.dasburo.com
>
> Key fingerprint = BFED 7E4C 8B67 64C8 B210 89D1 5678 1A02 7354 DFB5
>
> Thomas Kamann | Auszubildener - Anwendungsentwicklung

----- End forwarded message -----

To Unsubscribe: send mail to majordomo(at)de.FreeBSD.org
with "unsubscribe de-bsd-questions" in the body of the message
Received on Fri 02 Jul 2004 - 14:28:20 CEST

search this site