Dear all,
I'm using Etch, and among others, I use tiger + chkrootkit to keep track
of potential problems on my servers. I consider this to be a pretty
standard configuration. The problem is that I get the following false
positive alarms every day from chkrootkit:
The following suspicious files and directories were found:
/lib/init/rw/.mdadm
/lib/init/rw/.ramfs
Now this means that your approach is inconsistent with the use of
standard security tools within the same distribution. I'd like to ask
you to EITHER reconsider this strange new policy of putting hidden files
under /lib OR provide and maintain a patched version of chrootkit in the
distribution . Please, understand that I _don't_ want to recompile
chkrootkit, and also don't want to write a wrapper around it to supress
these messages, and I suspect that I'm not alone with this desire.
Cheers,
Viktor
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
