On Fri 06 Jun 2014 at 13:35:38 +0200, Filip wrote: > Do you have systemd-sysv installed ? When that package is installed > /sbin/init is a symlink to systemd and I have heard that chkrootkit > gives false positives for the suckit rootkit with that.
chkrootkit gives false positives as a matter of course. There is no well documented description of it ever discovering anything malign. > You could double-check with rkhunter. This person did: http://www.howtoforge.com/forums/showthread.php?t=42109 suckit apparently enters through /dev/kmem. brian@desktop:~$ ls -l /dev/kmem ls: cannot access /dev/kmem: No such file or directory -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
