On Tuesday 04 January 2005 08:20, Kaj Haulrich wrote: > When doing a chkrootkit everything looks fine except this : > > Checking `asp'... not infected > Checking `bindshell'... not infected > Checking `lkm'... Checking `rexedcs'... not found > Checking `sniffer'... eth0: PF_PACKET(/sbin/dhclient) > Checking `w55808'... not infected > Checking `wted'... nothing deleted > Checking `scalper'... not infected > Checking `slapper'... not infected > > What is this sniffer thing and does it matter ?
Packet sniffer. If you are running an Intrusion Detection System like portsentry or Snort, that would account for the detection of a packet sniffer as IDS's have to sniff packet to detect intrusions. -- Bryan Phinney
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
