Wrt
SSHD Rootkit Rolling around.
*I updated RKH in CVS but detection wasn't added yet to ClamAV, Securiteinfo or R-fx MLD:
Code:
]$ clamscan --official-db-only=no -d ./securiteinfoelf.hdb -d ./securiteinfosh.hdb -d ./rfxn.hdb -d ./rfxn.ndb -d ./RKH_libkeyutils.ldb -r --infected -r $PWD
path01/libkeyutils.so.1.9: RKH_libkeyutils.so.1.9.UNOFFICIAL FOUND
path02/libkeyutils.so.1.9: RKH_libkeyutils.so.1.9.UNOFFICIAL FOUND
path03/innucuoustarball.tar.bz2: RKH_libkeyutils.so.1.9.UNOFFICIAL
...