Your message dated Mon, 30 Jun 2008 21:25:43 +1200
with message-id <[EMAIL PROTECTED]>
has caused the report #488558,
regarding False positive for vdr
to be marked as having been forwarded to the upstream software
author(s) Nelson Murilo <[EMAIL PROTECTED]>
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
488558: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488558
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Hi Nelson,
Here's a suggestion to from a Debian developer for improving the detection
of the scalper rootkit. It would avoid a false positive with the vdr-kbd
package.
Does it seem reasonable to you?
Cheers,
Francois
----- Forwarded message from David Weinehall <[EMAIL PROTECTED]> -----
The package vdr triggers the "Scalper" test, since the extension
vdr-kbd uses port 2001.
Since scalper doesn't hide itself, checking if the process ".a" is
running should be a reasonable additional check to avoid false
positives.
Regards: David Weinehall
----- End forwarded message -----
--- End Message ---
