[arch-general] rkhunter found possible rootkit
Ralf Mardorf
silver.bullet at zoho.com
Tue Aug 20 08:28:36 UTC 2019
On Tue, 20 Aug 2019 10:15:58 +0200, ProgAndy wrote:
>Am 20.08.19 um 10:00 schrieb Filipe Laíns via arch-general:
>> On Tue, 2019-08-20 at 08:33 +0200, Oliver Jaksch wrote:
>> No, those libraries are used for key manipulation, that's why
>> rkhunter thinks that they might be sniffer.
>>
>In this particular case the filename was apparently used by a rootkit
>in 2013
If a file name should be a pointer to a {false,} positive, it still not
necessarily is a {false,} positive. rkhunter probably not only checks
file names, if at all.
https://sourceforge.net/projects/rkhunter/support
More information about the arch-general
mailing list