Fwd: $ chkrootkit
heiler at gmx.de
Wed Jul 20 14:39:05 UTC 2005
René L. Reingard <reingard at hispeed.ch> writes:
> who does use chkrootkit?
> i did it once. two lines of the output puzzle me. especially the second
> one listed here.
> Checking `sshd'... /usr/bin/strings: Warning: '/' is not an ordinary file
> not infected
> eth0: PACKET SNIFFER(/sbin/dhclient3)
You can ignore the second one. It's probably a false positive: You
your DHCP-client (google!) is waiting on eth0 for periodic updates
of your internet configuration. It essentially makes sure that you
have a correct IP and correct routing.
If you're not using DHCP you can switch off dhclient, but it's usually
not worth the effort.
More information about the ubuntu-users