u-noneinc-s
4th December 2005, 07:20 PM
FC3, relatively up to date with yum, chkrootkit is up to date.
I run rkhunter in cron.daily, and "occasionally" run chkrootkit.
I guess I haven't been paying a whole lot of attention, as I have just noticed that everything
is "not infected" or "nothing found", except, today I noticed this...
Checking `sniffer'... eth0: PF_PACKET(/sbin/dhclient)
It neither says "not infected" or "nothing found", but also doesn't say "infected" or
"something found".
Is this the expected output for this particular test?
I'm thinking of dumping chkrootkit anyway because of the dotfile nightmare, but I would like
to know if this lack of "not found/found" "not infected/infected result is normal.
Thanks
Mark
I run rkhunter in cron.daily, and "occasionally" run chkrootkit.
I guess I haven't been paying a whole lot of attention, as I have just noticed that everything
is "not infected" or "nothing found", except, today I noticed this...
Checking `sniffer'... eth0: PF_PACKET(/sbin/dhclient)
It neither says "not infected" or "nothing found", but also doesn't say "infected" or
"something found".
Is this the expected output for this particular test?
I'm thinking of dumping chkrootkit anyway because of the dotfile nightmare, but I would like
to know if this lack of "not found/found" "not infected/infected result is normal.
Thanks
Mark
