Home > Security > Chkrootkit 0.46 Problem

Chkrootkit 0.46 Problem

October 30, 2005 Posted by KP

Cordeiro posted the following message on the FreeBSD security list. I didn’t test it (I don’t have testing server).

…don’t use chkrootkit 0.46 on production machines.
The “chkproc” process sends a SIGXFSZ (25) signal to init,
that interprets this signal as a “disaster” and reboots
after a 30s sleep.

I tested chkrootkit(0.45) and Rootkit Hunter before. I prefer Rootkit Hunter.

Bookmark and Share


Related Posts:

Filed Under: Security

2 Comments to “Chkrootkit 0.46 Problem”

  1. Jason Says:
    December 29th, 2005 at 10:06 am

    Just thought I’d mention that this problem does not appear to affect FreeBSD 6, as I used this version of chkrootkit before reading this — the system did not restart. :) rkhunter does seem nicer, though. I don’t think it can hurt to check with both if you’re able.

  2. FreeBSD Newbie Says:
    December 29th, 2005 at 1:57 pm

    Thanks for the info, Jason.

    I agree with you, no rootkit program covers all checking of anther one, it’s only better to use both.

Leave a Comment









*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word


Subscribe via RSS/EMail


Categories

Archives

Meta