Package: chkrootkit Version: 0.46a-3 Severity: normal Hi!
chkrootkit does some tests but ignores the result. Example:
======================================================================
### China Worm (Sadmind/IIS Worm)
if [ "${QUIET}" != "t" ];then printn "Searching for Sadmind/IIS Worm... "; fi
files=`${find} ${ROOTDIR}dev/cuc > /dev/null 2>&1`
if [ "${files}" = "" ]; then
if [ "${QUIET}" != "t" ]; then echo "nothing found"; fi
else
echo "${files}"
fi
======================================================================
Here all find output is sent to /dev/null, and $files is always empty.
I found this error in the following tests:
China Worm (Sadmind/IIS Worm)
MonKit
OpticKit
Mithra's Rootkit
Thanks,
Jö.
-- System Information:
Debian Release: testing/unstable
APT prefers proposed-updates
APT policy: (500, 'proposed-updates'), (500, 'testing'), (500, 'stable'), (1,
'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8)
Versions of packages chkrootkit depends on:
ii binutils 2.16.1cvs20060413-1 The GNU assembler, linker and bina
ii debconf [debconf-2.0 1.4.72 Debian configuration management sy
ii libc6 2.3.6-7 GNU C Library: Shared libraries
ii net-tools 1.60-17 The NET-3 networking toolkit
ii procps 1:3.2.6-2.1 /proc file system utilities
chkrootkit recommends no packages.
-- debconf information:
* chkrootkit/run_daily: true
* chkrootkit/run_daily_opts: -q -n
* chkrootkit/diff_mode: true
--
<ex-bart> seen die_MACHT
<Volk> I don't know who die_MACHT is.
signature.asc
Description: Digital signature
