lotusleaf
October 16th, 2006, 07:06 PM
Is this a false positive or something more?
A user in #ubuntu-offtopic mentioned this and so I checked for myself and confirmed the same result he found, which is:
Scan result for OBSD rk v1 using chkrootkit v0.46a-3:
Searching for OBSD rk v1... /usr/lib/security
/usr/lib/security/classpath.security
Scan result for OBSD rk v1 using chkrootkit v.0.47:
Searching for OBSD rk v1... /usr/lib/security
/usr/lib/security/classpath.security
If you use Edgy and have chkrootkit installed, please post back with your result for this so I may determine whether or not this is a false positive, thanks!
Here's what the other person, LjL, in #ubuntu-offtopic was saying about this:
<LjL> for that matter, i get Searching for OBSD rk v1... /usr/lib/security /usr/lib/security/classpath.security
<LjL> lotusleaf: the official chkrootkit changelogs don't mention OBSD at all. they don't even mention a 0.46a-2 or 0.46a-3 version either, for that matter, so those should just be Ubuntu package revisions...
<LjL> lotusleaf: hm, just a guess -- perhaps this "OBSD" thing is, like the name suggests, a trojan that affects BSD systems. maybe the check was removed from Dapper, since it's not a BSD, but it was not removed on Edgy
<LjL> lotusleaf: and the Debian changelog doesn't say a thing about it in the 0.46-a2 -> 0.46a-3 changes
A user in #ubuntu-offtopic mentioned this and so I checked for myself and confirmed the same result he found, which is:
Scan result for OBSD rk v1 using chkrootkit v0.46a-3:
Searching for OBSD rk v1... /usr/lib/security
/usr/lib/security/classpath.security
Scan result for OBSD rk v1 using chkrootkit v.0.47:
Searching for OBSD rk v1... /usr/lib/security
/usr/lib/security/classpath.security
If you use Edgy and have chkrootkit installed, please post back with your result for this so I may determine whether or not this is a false positive, thanks!
Here's what the other person, LjL, in #ubuntu-offtopic was saying about this:
<LjL> for that matter, i get Searching for OBSD rk v1... /usr/lib/security /usr/lib/security/classpath.security
<LjL> lotusleaf: the official chkrootkit changelogs don't mention OBSD at all. they don't even mention a 0.46a-2 or 0.46a-3 version either, for that matter, so those should just be Ubuntu package revisions...
<LjL> lotusleaf: hm, just a guess -- perhaps this "OBSD" thing is, like the name suggests, a trojan that affects BSD systems. maybe the check was removed from Dapper, since it's not a BSD, but it was not removed on Edgy
<LjL> lotusleaf: and the Debian changelog doesn't say a thing about it in the 0.46-a2 -> 0.46a-3 changes