LinuxQuestions.org - rootkit hunter false positive for Xzibit Rootkit on CentOS 4.8?

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - rootkit hunter false positive for Xzibit Rootkit on CentOS 4.8? (https://www.linuxquestions.org/questions/linux-security-4/rootkit-hunter-false-positive-for-xzibit-rootkit-on-centos-4-8-a-776992/)

abefroman

12-20-2009 01:06 AM

rootkit hunter false positive for Xzibit Rootkit on CentOS 4.8?

Does rootkit hunter false positive for Xzibit Rootkit on CentOS 4.8?

rkhunter picks it up but chkrootkit does not.

TIA

EricTRA

12-20-2009 01:51 AM

Hi Abe,

I had the same result with the latest version of RKHunter. Since I was sure that nothing could be on the machine I whitelisted the stuff that got reported after advice from the security forum.

Kind regards,

Eric

craigevil

12-20-2009 08:19 AM

Seems to be either a bug or a false positive. If you Google for that there are several bug reports and posts concerning it.

All times are GMT -5. The time now is 07:40 AM.