Date: Thu, 13 Feb 2003 14:13:40 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Todd Zimmermann <t.zim@att.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: chkrootkit on 5.0-release... false positive? Message-ID: <20030213221340.GB1002@rot13.obsecurity.org> In-Reply-To: <3E4B4B98.30300@att.net> References: <3E4B4B98.30300@att.net>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Thu, Feb 13, 2003 at 02:39:04AM -0500, Todd Zimmermann wrote: > Was wondering if anyone else has gotten positives on a rather vague lkm > trojan when running chkrootkit on 5.0-release p1 ? By definition chkrootkit can only ever use guesswork, and will occasionally produce false positives (and false negatives). Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+TBiUWry0BWjoQKURAiGDAKCv3c0sLYOyUxaTc5Jgj1iqZ6pCZwCfRSOT zRHLHMPGNiQAHDv4Ru9A8Gc= =F23t -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030213221340.GB1002>