Re: chkrootkit response

2006-02-14 Thread Stephen
On Tue, Feb 14, 2006 at 11:27:27PM +1100 or thereabouts, Paul Dwerryhouse wrote: > On Tue, Feb 14, 2006 at 02:46:48AM -0500, Stephen wrote: > > Is this a valid response or false positive ? > > > > /etc/cron.daily/chkrootkit: > > eth0: PACKET SNIFFER(/sbin/dhclient[1102]) > > False positive; it's

Re: chkrootkit response (OT)

2006-02-14 Thread Gene Heskett
On Tuesday 14 February 2006 14:58, Brad Sawatzky wrote: >On Tue, 14 Feb 2006, Gene Heskett wrote: >> On Tuesday 14 February 2006 07:27, Paul Dwerryhouse wrote: >> >On Tue, Feb 14, 2006 at 02:46:48AM -0500, Stephen wrote: >> >> Is this a valid response or false positive ? >> >> >> >> /etc/cron.daily

Re: chkrootkit response (OT)

2006-02-14 Thread Brad Sawatzky
On Tue, 14 Feb 2006, Gene Heskett wrote: > On Tuesday 14 February 2006 07:27, Paul Dwerryhouse wrote: > >On Tue, Feb 14, 2006 at 02:46:48AM -0500, Stephen wrote: > >> Is this a valid response or false positive ? > >> > >> /etc/cron.daily/chkrootkit: > >> eth0: PACKET SNIFFER(/sbin/dhclient[1102])

Re: chkrootkit response

2006-02-14 Thread Gene Heskett
On Tuesday 14 February 2006 07:27, Paul Dwerryhouse wrote: >On Tue, Feb 14, 2006 at 02:46:48AM -0500, Stephen wrote: >> Is this a valid response or false positive ? >> >> /etc/cron.daily/chkrootkit: >> eth0: PACKET SNIFFER(/sbin/dhclient[1102]) > >False positive; it's because that program has your

Re: chkrootkit response

2006-02-14 Thread Gene Heskett
On Tuesday 14 February 2006 02:46, Stephen wrote: >Hey folks: > >Is this a valid response or false positive ? > >/etc/cron.daily/chkrootkit: >eth0: PACKET SNIFFER(/sbin/dhclient[1102]) > I believe that's a valid response unless you were running tcpdump at the time it scanned your system. I'd certa

Re: chkrootkit response

2006-02-14 Thread Paul Dwerryhouse
On Tue, Feb 14, 2006 at 02:46:48AM -0500, Stephen wrote: > Is this a valid response or false positive ? > > /etc/cron.daily/chkrootkit: > eth0: PACKET SNIFFER(/sbin/dhclient[1102]) False positive; it's because that program has your ethernet interface in promiscuous mode. For dhclient, this is com