Good afternoon,
A short while ago, I did my weekly patch sequence... "yum update yum" "yum update" "prelink -a" (reboot the system since yum patched the kernel) "chkrootkit" But "chkrootkit" gave warnings that I have not previously seen:
bash.1[~]: chkrootkit ROOTDIR is `/' Checking `amd'... not found Checking `basename'... not infected ... Checking `tcpdump'... warning, got bogus l2cap line. not infected ... Checking `aliens'... no suspect files Searching for sniffer's logs, it may take a while... nothing found ... Checking `bindshell'... warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. warning, got bogus l2cap line. not infected ... Checking `wted'... chkwtmp: nothing deleted Checking `scalper'... warning, got bogus l2cap line. not infected Checking `slapper'... warning, got bogus l2cap line. not infected ... Checking `OSX_RSPLUG'... not infected bash.2[~]:
I've not seen warnings from "chkrootkit" in a while now. I realize that these are just warnings. Still, what's going on? Is there something that I should do?
thanks, Bill.