From owner-freebsd-ports Fri Sep 21 9:50:11 2001 Delivered-To: freebsd-ports@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id DDCC037B41D for ; Fri, 21 Sep 2001 09:50:00 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id f8LGo0X98980; Fri, 21 Sep 2001 09:50:00 -0700 (PDT) (envelope-from gnats) Received: from panic.iqm.unicamp.br (panic.iqm.unicamp.br [143.106.51.4]) by hub.freebsd.org (Postfix) with ESMTP id 3949337B414 for ; Fri, 21 Sep 2001 09:41:30 -0700 (PDT) Received: by panic.iqm.unicamp.br (V-MTA, from userid 0) id CFC73D63B; Fri, 21 Sep 2001 13:41:19 -0300 (BRT) Message-Id: <20010921164119.CFC73D63B@panic.iqm.unicamp.br> Date: Fri, 21 Sep 2001 13:41:19 -0300 (BRT) From: Luiz Eduardo Roncato Cordeiro Reply-To: Luiz Eduardo Roncato Cordeiro To: FreeBSD-gnats-submit@freebsd.org Cc: cordeiro@panic.iqm.unicamp.br X-Send-Pr-Version: 3.113 Subject: ports/30709: Update port: security/chkrootkit: upgrade to version 0.34 Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 30709 >Category: ports >Synopsis: Update port: security/chkrootkit: upgrade to version 0.34 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Sep 21 09:50:00 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Luiz Eduardo Roncato Cordeiro >Release: FreeBSD 4.4-PRERELEASE i386 >Organization: Chemistry Institute - UNICAMP >Environment: System: FreeBSD panic.iqm.unicamp.br 4.4-PRERELEASE FreeBSD 4.4-PRERELEASE #2: Thu Aug 9 13:45:02 BRT 2001 root@panic.iqm.unicamp.br:/usr/obj/usr/src/sys/PANIC i386 >Description: Upgrade from chrootkit 0.32 to chkrootkit 0.34. >How-To-Repeat: >Fix: diff -ruN /usr/ports/security/chkrootkit/Makefile ./chkrootkit/Makefile --- /usr/ports/security/chkrootkit/Makefile Mon May 14 14:29:22 2001 +++ ./chkrootkit/Makefile Fri Sep 21 13:26:22 2001 @@ -2,11 +2,11 @@ # Date created: 13 Mar 2001 # Whom: Luiz Eduardo R. Cordeiro # -# $FreeBSD: ports/security/chkrootkit/Makefile,v 1.4 2001/05/11 14:34:07 kevlo Exp $ +# $FreeBSD$ # PORTNAME= chkrootkit -PORTVERSION= 0.32 +PORTVERSION= 0.34 CATEGORIES= security MASTER_SITES= ftp://ftp.pangeia.com.br/pub/seg/pac/ @@ -14,7 +14,7 @@ ALL_TARGET= chkrootkit chklastlog chkwtmp ifpromisc -DOCFILES= COPYRIGHT README.chklastlog README.chkwtmp +DOCFILES= COPYRIGHT README README.chklastlog README.chkwtmp pre-patch: ${PERL} -pi -e "s/^CC/#CC/; s/^CFLAGS/#CFLAGS/" ${WRKSRC}/Makefile diff -ruN /usr/ports/security/chkrootkit/distinfo ./chkrootkit/distinfo --- /usr/ports/security/chkrootkit/distinfo Mon May 14 14:29:22 2001 +++ ./chkrootkit/distinfo Fri Sep 21 13:24:02 2001 @@ -1 +1 @@ -MD5 (chkrootkit-0.32.tar.gz) = 6ed5ae272538a64fe2e395931de3bdf7 +MD5 (chkrootkit-0.34.tar.gz) = 3dea2c29537d086e85134c600b38bc3b diff -ruN /usr/ports/security/chkrootkit/pkg-descr ./chkrootkit/pkg-descr --- /usr/ports/security/chkrootkit/pkg-descr Mon May 14 14:29:22 2001 +++ ./chkrootkit/pkg-descr Fri Sep 21 13:35:04 2001 @@ -3,16 +3,24 @@ * chkrootkit: a shell script that checks system binaries for rootkit modification. + * ifpromisc.c: checks if the network interface is in promiscuous mode. + * chklastlog.c: checks for lastlog deletions. + * chkwtmp.c: checks for wtmp deletions. + + * check_wtmpx.c: checks for wtmpx deletions. (Solaris only) + + * chkproc.c: checks for signs of LKM trojans. The following rootkits, worms and LKMs are currently detected: Solaris rootkit, FreeBSD rootkit, lrk3, lrk4, lrk5, lrk6, t0rn (and t0rn v8), some lrk variants, Ambient's Rootkit for Linux (ARK), Ramen Worm, rh[67]-shaper, RSHA, Romanian rootkit, RK17, Lion Worm, Adore - Worm, LPD Worm, kenny-rk and Adore LKM. + Worm, LPD Worm, kenny-rk, Adore LKM, ShitC Worm, Omega Worm, Wormkit + Worm, dsc-rootkit. Nelson Murilo diff -ruN /usr/ports/security/chkrootkit/pkg-plist ./chkrootkit/pkg-plist --- /usr/ports/security/chkrootkit/pkg-plist Wed Apr 18 13:34:42 2001 +++ ./chkrootkit/pkg-plist Fri Sep 21 13:28:42 2001 @@ -3,6 +3,7 @@ sbin/chkwtmp sbin/ifpromisc %%PORTDOCS%%share/doc/chkrootkit/COPYRIGHT +%%PORTDOCS%%share/doc/chkrootkit/README %%PORTDOCS%%share/doc/chkrootkit/README.chklastlog %%PORTDOCS%%share/doc/chkrootkit/README.chkwtmp %%PORTDOCS%%@dirrm share/doc/chkrootkit >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message