You are not logged in.
- Topics: Active | Unanswered
#1 2012-11-06 00:00:45
- xor
- Member
- From: Sweden
- Registered: 2003-03-20
- Posts: 73
Chkrootkit says infected in brand new install?
Hi
Need to have my brand new installationverified in some way?
Installation made from latest iso 2012.11.01 (checksum verified)
Chkrootkit complains about /sbin/init infected with Suckit rootkit and LKM chdir.
Just setup the system and after the first reboot I did run chkrootkit, system seems to be rooted right away (if it is I am not alone..)
Either is there something wrong with the chkrootkit package checking systemd-sysvcompat and kerberos packages or... ?
I do not have anything to compare with but if someone has a new installation I may have his/her checksums of packages in pacman cache?
for file in `ls /var/cache/pacman/pkg/`;do sha512sum $file;donePackstrap installation: base,iptables,aide,btrfs-progs,chkrootkit,rkhunter,grub-bios
Any suggestions?
/xor
Offline
#2 2012-11-06 00:20:15
- flipper T
- Member
- Registered: 2012-09-14
- Posts: 419
Re: Chkrootkit says infected in brand new install?
according to those nice fedora folk, it is a false positive:
If I'm curt with you it's because time is a factor. I think fast, I talk fast and I need you guys to act fast if you wanna get out of this. So, pretty please... with sugar on top. Clean the [censored] car. -The Wolf
Offline
#3 2012-11-06 09:27:36
- xor
- Member
- From: Sweden
- Registered: 2003-03-20
- Posts: 73
Re: Chkrootkit says infected in brand new install?
Thanks, it seems that chkrootkit is not updated.
/xor
Offline
#4 2012-11-06 21:49:02
- leftism
- Member
- Registered: 2011-11-28
- Posts: 11
Re: Chkrootkit says infected in brand new install?
Im getting chkdirs: Warning: Possible LKM Trojan installed. Is this the same warning you have?
Offline