It appears you have not registered with our community. To register please click here ...

Share
« previous next »
Pages: [1]

Author Topic: [Tip] Chkrootkit Common False Positives  (Read 1328 times)

dynaweb

  • <b>Canine Deamon</b>
  • Administrator
  • Sr. Member
  • *****
  • Posts: 493
  • Karma: +10/-0
  • Generic personal text here ...
    • MSN Messenger - danno_d_manno@yahoo.com
    • View Profile
    • DynaWeb Designs
    • Email
[Tip] Chkrootkit Common False Positives
« on: March 03, 2006, 08:41:45 AM »
I am dedicating this thread to recording common false positive chkrootkit outputs. Feel free to add your own here.
 
System = RHEL3 with Cpanel
FalsePositives:
- "Checking `bindshell\'... INFECTED (PORTS: 465)" = Exim\'s SMTP over SSL
- "Searching for suspicious files and dirs, it may take a while..." - many references to file .packlist here
Logged
Those who cannot learn from history are doomed to repeat it. -- Linux learns.
Pages: [1]
« previous next »
 

Related Topics

  Subject / Started by Replies Last post
1 Replies
2687 Views 		Last post July 30, 2005, 06:18:53 PM
by dynaweb
0 Replies
197 Views 		Last post November 20, 2005, 10:44:53 AM
by Linux News
0 Replies
168 Views 		Last post December 10, 2005, 02:21:29 PM
by Linux News

Share