From owner-freebsd-ports Thu Jan 31 5:30:26 2002 Delivered-To: freebsd-ports@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 7A35437B404 for ; Thu, 31 Jan 2002 05:30:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g0VDU1X26166; Thu, 31 Jan 2002 05:30:01 -0800 (PST) (envelope-from gnats) Received: from panic.iqm.unicamp.br (panic.iqm.unicamp.br [143.106.51.4]) by hub.freebsd.org (Postfix) with ESMTP id 7AE0937B402 for ; Thu, 31 Jan 2002 05:23:04 -0800 (PST) Received: by panic.iqm.unicamp.br (V-MTA, from userid 0) id BA8D2D655; Thu, 31 Jan 2002 11:23:02 -0200 (BRST) Message-Id: <20020131132302.BA8D2D655@panic.iqm.unicamp.br> Date: Thu, 31 Jan 2002 11:23:02 -0200 (BRST) From: Luiz Eduardo Roncato Cordeiro Reply-To: Luiz Eduardo Roncato Cordeiro To: FreeBSD-gnats-submit@freebsd.org Cc: jessen@nic.br, nelson@pangeia.com.br, cordeiro@panic.iqm.unicamp.br X-Send-Pr-Version: 3.113 Subject: ports/34485: Update port: security/chkrootkit: upgrade to version 0.35 Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 34485 >Category: ports >Synopsis: Update port: security/chkrootkit: upgrade to version 0.35 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Thu Jan 31 05:30:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Luiz Eduardo Roncato Cordeiro >Release: FreeBSD 4.4-STABLE i386 >Organization: >Environment: System: FreeBSD panic.iqm.unicamp.br 4.4-STABLE FreeBSD 4.4-STABLE #36: Fri Sep 21 14:37:05 BRT 2001 cordeiro@panic.iqm.unicamp.br:/usr/src/sys/compile/PANIC i386 >Description: Upgrade from chrootkit 0.34 to chkrootkit 0.35. >How-To-Repeat: >Fix: diff -ruN chkrootkit.bak/Makefile chkrootkit/Makefile --- chkrootkit.bak/Makefile Thu Jan 31 10:51:54 2002 +++ chkrootkit/Makefile Thu Jan 31 11:01:42 2002 @@ -6,7 +6,7 @@ # PORTNAME= chkrootkit -PORTVERSION= 0.34 +PORTVERSION= 0.35 CATEGORIES= security MASTER_SITES= ftp://ftp.pangeia.com.br/pub/seg/pac/ diff -ruN chkrootkit.bak/distinfo chkrootkit/distinfo --- chkrootkit.bak/distinfo Thu Jan 31 10:51:54 2002 +++ chkrootkit/distinfo Thu Jan 31 10:54:10 2002 @@ -1 +1 @@ -MD5 (chkrootkit-0.34.tar.gz) = 3dea2c29537d086e85134c600b38bc3b +MD5 (chkrootkit-0.35.tar.gz) = edf50a9c8c6bf09b0a9147f2e6168826 diff -ruN chkrootkit.bak/pkg-descr chkrootkit/pkg-descr --- chkrootkit.bak/pkg-descr Thu Jan 31 10:51:54 2002 +++ chkrootkit/pkg-descr Thu Jan 31 11:07:32 2002 @@ -1,27 +1,17 @@ -Chkrootkit is a tool to locally check for signs of a rootkit. It -contains: - - * chkrootkit: a shell script that checks system binaries for - rootkit modification. - - * ifpromisc.c: checks if the network interface is in promiscuous - mode. - - * chklastlog.c: checks for lastlog deletions. - - * chkwtmp.c: checks for wtmp deletions. - - * check_wtmpx.c: checks for wtmpx deletions. (Solaris only) - - * chkproc.c: checks for signs of LKM trojans. + Chkrootkit is a tool to locally check for signs of a rootkit. + ------------------------------------------------------------- + + Rootkits, Worms and LKMs detected + --------------------------------- The following rootkits, worms and LKMs are currently detected: Solaris rootkit, FreeBSD rootkit, lrk3, lrk4, lrk5, lrk6, t0rn (and t0rn v8), some lrk variants, Ambient's Rootkit for Linux (ARK), Ramen Worm, rh[67]-shaper, RSHA, Romanian rootkit, RK17, Lion Worm, Adore Worm, LPD Worm, kenny-rk, Adore LKM, ShitC Worm, Omega Worm, Wormkit - Worm, dsc-rootkit. - + Worm, dsc-rootkit, RST.b, duarawkz, knark LKM, Monkit, Hidrootkit, + Bobkit, Pizdakit, t0rn (v8.0 variant). + Nelson Murilo WWW: http://www.chkrootkit.org/ >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message