ckrootkit et portsentry (était: amusant)

[Charles Goyard <charles@plonk.net>]

Salut,

J'ai lancé chkrootkit, qui m'a 'trouvé' un rootkit, j'ai regardé la doc
pour les détails, et je vois, dans /usr/share/doc/chkrootkit :

README.Debian for chkrootkit
----------------------------

Below is a list of packages which are known to set off false alarms in
chkrootkit. 

libproc-dev: chkrootkit detects libproc.a as a possible component of
t0rn v8 

slice: /usr/bin/slice sets false alarm about RH-Sharpe

portsentry: Portsentry by default listens to port 31337/udp, which
chkrootkit detects as malicious. chkrootkit checks for other malicious
ports, which may be bound by innocent programs. 
                


-- 
Charles