Rudy edition and Chkrootkit, weird results

For talk and support relating specifically to Puppy derivatives
Post Reply
Message
Author
User avatar
polux
Posts: 11
Joined: Fri 15 Dec 2006, 20:02
Location: Switzerland

Rudy edition and Chkrootkit, weird results

#1 Post by polux »

Hi Debernardis, I'm using from cd the latest 070227 Ruddy edition. I did a scan with chkrootkit and the results came with some infected files. I booted and rebooted several times and got the same results. :shock:

Checking `basename'... INFECTED
Checking `cron'... INFECTED
Checking `dirname'... INFECTED
Checking `echo'... INFECTED
Checking `env'... INFECTED
Checking `login'... INFECTED
Checking `passwd'... INFECTED
Checking `traceroute'... INFECTED
Searching for Suckit rootkit... Warning: /sbin/init INFECTED

Im running it in a normal cd (not a multi session) so I haven't modified or changed anything in it.
Can they be false positives or something to worry about?

User avatar
debernardis
Posts: 180
Joined: Sat 12 Nov 2005, 08:01
Contact:

#2 Post by debernardis »

This is a known issue: chkrootkit finds as anormal the busybox equivalents to standard gnu utilities.
See http://www.murga-linux.com/puppy/viewtopic.php?t=8395
So no worry 8)

User avatar
polux
Posts: 11
Joined: Fri 15 Dec 2006, 20:02
Location: Switzerland

#3 Post by polux »

Thank you for your fast reply :)

And by the way, congratulations for such a great derivative you made.

Post Reply