I just performed a fresh install of Ubuntu 9.10 from a livecd that I received from Ship It. The install went well and I ran chkrootkit and rkhunter before putting the system online. The following happened:
1. Ran rkhunter, showed no problems
2. Ran chkrootkit the report included this:
Searching for Suckit rootkit... Warning: /sbin/init INFECTED
3. Re-ran rkhunter and it reported this regarding Suckit and /sbin/init:
/sbin/init [ OK ]
Suckit Rootkit [ Not found ]
the rkhunter summary included this:
System checks summary
=====================
File properties checks...
Files checked: 130
Suspect files: 0
Rootkit checks...
Rootkits checked : 111
Possible rootkits: 0
The red text emphasis was added by me for readability. As I said, I installed from trusted media and then installed several apps from the Ubuntu software repositories, so I don't think I have a rootkit. What I think happened is chkrootkit reported a false positive but I don't remember this happening on Jaunty or previous installations of Karmic.
Has anyone else seen this problem?
Adv Reply
Originally Posted by iponeverything
Bookmarks