chkrootkit says 'date' is infected
Kris Kennaway
kris at obsecurity.org
Thu May 13 13:05:52 PDT 2004
On Thu, May 13, 2004 at 03:25:44PM -0400, Shaun T. Erickson wrote:
> I just installed and ran the chkrootkit port on my 5.2.1-RELEASE-p5
> system. It says my date command is infected. Nothing else, just that.
> How can I determine if this is a false positive or if I'm truly hacked?
Talk to the chkrootkit developers. Their tool provides so many false
positives that they're the ones who should be bearing the
responsibility for dealing with user confusion :)
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040513/42d8db5e/attachment.bin
More information about the freebsd-questions
mailing list