Fwd: $ chkrootkit

Matthias Heiler heiler at gmx.de
Wed Jul 20 14:39:05 UTC 2005

René L. Reingard <reingard at hispeed.ch> writes:

> hello,
> who does use chkrootkit?
> i did it once. two lines of the output puzzle me. especially the second
> one listed here.
> 1.)
> Checking `sshd'... /usr/bin/strings: Warning: '/' is not an ordinary file
> not infected
> 2.)
> eth0: PACKET SNIFFER(/sbin/dhclient3[12518])

You can ignore the second one.  It's probably a false positive: You
your DHCP-client (google!) is waiting on eth0 for periodic updates
of your internet configuration.  It essentially makes sure that you
have a correct IP and correct routing.

If you're not using DHCP you can switch off dhclient, but it's usually
not worth the effort.


More information about the ubuntu-users mailing list