On Tue, 2011-07-19 at 17:51 +0000, White, Joseph wrote: > Hi All, > > > > Added the following, RTKT_FILE_WHITELIST="/etc/rc.d/rc.sysinit" and > also tried RTKT_FILE_WHITELIST="/etc/rc.d/rc.sysinit:hdparm" still > getting Xzibit Rootkit.
Have a look at this post: http://sourceforge.net/mailarchive/message.php?msg_id=25719686 I know its a bit dated, but the CVS version might be the answer. This is what I'm using at the moment and I don't have any problems with false-positives. Tom ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/ _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
