sslug-teknik team mailing list archive

Thread
Date

Re: chkrootkit: suspicious files

To: sslug-teknik@xxxxxxxx
From: Peter Makholm <peter@xxxxxxxxxxx>
Date: 30 Jun 2004 11:37:15 +0200
Delivered-to: mailing list sslug-teknik@xxxxxxxx
Mailing-list: contact sslug-teknik-help@xxxxxxxx; run by ezmlm
Newsgroups: sslug.teknik
Organization: hacking.dk - Doing fun stuff with open source
Sender: brother@xxxxxxxxxxxxx
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3
Xyzzy: Nothing happens!

Jørgen Heesche <heesche@xxxxxxxxxxx> writes:

> Searching for suspicious files and dirs, it may take a while...
> /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/Video/ivtv/.packlist

Står det ikke i dokumentationen hvad programmet tjekker for så du selv
har mulighed for at afgøre om noget er et reelt problem eller bare et
falsk hit?

> Hvordan kan disse filer være suspekte?

Jeg kunne forestille mig at den hentyder til filnavne der begynder med
et punktum steder hvor den ikke forventer den slags filnavne (primært
i brugeres hjemkataloger).

-- 
 Peter Makholm     |       Why does the entertainment industry wants us to
 peter@xxxxxxxxxxx |      believe that a society base on full surveillance
 http://hacking.dk |                                               is bad?
                   |                       Do they have something to hide?

Follow ups

Re: chkrootkit: suspicious files
From: Jørgen Heesche, 2004-06-30

References

chkrootkit: suspicious files
From: Jørgen Heesche, 2004-06-30