ckrootkit et portsentry (était: amusant)
Salut,
J'ai lancé chkrootkit, qui m'a 'trouvé' un rootkit, j'ai regardé la doc
pour les détails, et je vois, dans /usr/share/doc/chkrootkit :
README.Debian for chkrootkit
----------------------------
Below is a list of packages which are known to set off false alarms in
chkrootkit.
libproc-dev: chkrootkit detects libproc.a as a possible component of
t0rn v8
slice: /usr/bin/slice sets false alarm about RH-Sharpe
portsentry: Portsentry by default listens to port 31337/udp, which
chkrootkit detects as malicious. chkrootkit checks for other malicious
ports, which may be bound by innocent programs.
--
Charles
Reply to: