Salut, J'ai lancé chkrootkit, qui m'a 'trouvé' un rootkit, j'ai regardé la doc pour les détails, et je vois, dans /usr/share/doc/chkrootkit :
README.Debian for chkrootkit ---------------------------- Below is a list of packages which are known to set off false alarms in chkrootkit. libproc-dev: chkrootkit detects libproc.a as a possible component of t0rn v8 slice: /usr/bin/slice sets false alarm about RH-Sharpe portsentry: Portsentry by default listens to port 31337/udp, which chkrootkit detects as malicious. chkrootkit checks for other malicious ports, which may be bound by innocent programs. -- Charles