On 8/8/06, Stephen Hawkins <
[EMAIL PROTECTED]> wrote:
ossec-list,
I am running SuSE 10.0. I got the exact same alarm that the person who was in
the /. posting about ossec did. See below:
-------------------------cut----------------------------------
OSSEC HIDS Notification.
2006 Aug 08 06:54:50
Received From: linux->rootcheck
Rule: 14 fired (level 8) -> "Rootkit detection engine message"
Portion of the log(s):
Rootkit 'ZK' detected by the presence of file
'/etc/sysconfig/console/load.zk'.
-------------------------------cut-------------------------------------
Has anyone figured out what this is coming from?
Thanks,
Steve
--
73 49 111 01001001
Steve Hawkins NG0G
[EMAIL PROTECTED]
