On Mon, Jun 23, 2014 at 07:28:15PM +0100, Brian wrote: > There is no well-documented case of chrootkit ever giving a true > positive; false positives are its stock in trade. What do you expect of > a program which searches for things which do not exist or which have no > relevance (if they ever had) on a modern Linux? Indeed. rkhunter is the way to go IMO, not chrootkit. Reco