Re: chkrootkit reporting sshd vulnerable?

From: Richard E. Silverman (slade@shore.net)
Date: 12/29/01 

From: slade@shore.net (Richard E. Silverman)
Date: 29 Dec 2001 10:26:19 -0500

>>>>> "DZ" == Doctor Zen <hidden@from.spammers.net> writes:

>> Chkrootkit only works locally, worth two minutes of your time Mr.
>> Silverman

    DZ> Ah, that looks like the answer! Thanks everyone.

How so?

Nick's comment was pointing out that chkrootkit does not do network
probing, as I had guessed from your first posting. It does not explain
why you get different results depending on how you logged into the box.
He was not saying, "chkrootkit only works when you log in on the console." 

-- 
  Richard Silverman
  slade@shore.net

Relevant Pages

  • RE: Strange Idle User Listed in who, finger
    ... I would suggest you run chkrootkit and some other programs just to see if you ... have had someone in your network. ... >Recently however I see an additional user showing up. ... Here is some related output: ...
    (Fedora)
  • Re: Question about chkrootkit
    ... I made a couple of errors in my original post, ... Mandrake 8.2 NOT on a network. ... I downloaded the source code for chkrootkit from ...
    (comp.os.linux.security)
  • Question about chkrootkit
    ... Mandrake 8.2 NOT on a network. ... checking 'wted'...unable to open wtmp-file wtmpx ... I downloaded the source code for chkrootkit from ...
    (comp.os.linux.security)
  • chkrootkit mystery resolved
    ... >>Mandrake 8.2 NOT on a network. ... I downloaded the source code for chkrootkit from ... After installing this, everything checked out fine No errors, no ominous ...
    (comp.os.linux.security)
  • Re: Question about chkrootkit
    ... >Mandrake 8.2 NOT on a network. ... >checking 'wted'...unable to open wtmp-file wtmpx ... I downloaded the source code for chkrootkit from ...
    (comp.os.linux.security)