Re: chkrootkit (false) positive

Peter Rosa Wed, 23 Mar 2016 10:49:31 -0700

na 10.3-PRERELEASE) hlasi:
Possible Linux/Ebury - Operation Windigo installetd


Copak ti vypise

ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System
clean" || echo "System infected"


a co

ssh -G

# ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "Systemclean" || echo "System infected"

System infected

# ssh -G
usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-E log_file] [-e escape_char]
           [-F configfile] [-I pkcs11] [-i identity_file] [-L address]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-Q query_option] [-R address] [-S ctl_path] [-W host:port]
           [-w local_tun[:remote_tun]] [user@]hostname [command]


--

Peter Rosa
--
FreeBSD mailing list ([email protected])
http://www.freebsd.cz/listserv/listinfo/users-l

Re: chkrootkit (false) positive

Odpovedet emailem