[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Chkrootkit - true/false ?



Hi 

I have rkhunter and chkrootkit running in a cron job every morning and
every now and again I get chkrootkit results like this:

Checking `lkm'... You have     3 process hidden for ps command
Warning: Possible LKM Trojan installed

And sometimes this:

Checking `lkm'... You have     3 process hidden for readdir command
You have     3 process hidden for ps command
Warning: Possible LKM Trojan installed

Sometimes chkrootkit returns nothing detected and every time rkhunter
tells me nothing is wrong. Is this a false positive with chkrootkit and
debian woody?

Dave



Reply to: