Date: Thu, 13 Feb 2003 14:13:40 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Todd Zimmermann <t.zim@att.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: chkrootkit on 5.0-release... false positive? Message-ID: <20030213221340.GB1002@rot13.obsecurity.org> In-Reply-To: <3E4B4B98.30300@att.net> References: <3E4B4B98.30300@att.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--ftEhullJWpWg/VHq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 13, 2003 at 02:39:04AM -0500, Todd Zimmermann wrote: > Was wondering if anyone else has gotten positives on a rather vague lkm= =20 > trojan when running chkrootkit on 5.0-release p1 ? By definition chkrootkit can only ever use guesswork, and will occasionally produce false positives (and false negatives). Kris --ftEhullJWpWg/VHq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+TBiUWry0BWjoQKURAiGDAKCv3c0sLYOyUxaTc5Jgj1iqZ6pCZwCfRSOT zRHLHMPGNiQAHDv4Ru9A8Gc= =F23t -----END PGP SIGNATURE----- --ftEhullJWpWg/VHq-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030213221340.GB1002>