On Tue, Dec 30, 2003 at 02:35:41PM +0100, Benoit Mortier wrote: Content-Description: signed data > > maybe the statically linked package could be usefull alone in case of an > incident ? I don't know (as I have never used this skdetect thing) but if it's useful the statically linked version could be included in the chkrootkit package too. In any case, if you have a kernel-level rootkit it is not really relevant if you are useing a static-compiled or dynamicly-linked program, it can fool both. The only sure way is to analyse the system after powering it off from trusted media. Regards Javi
Attachment:
signature.asc
Description: Digital signature