On 2/13/25 7:33 PM, Tim wrote:
On Thu, 2025-02-13 at 10:50 -0700, home user via users wrote:
When I ran chkrootkit, I got the following (including a few lines of context) regarding
Is there a reason you feel the need to check for rootkits?
I'm under the impression that if you don't install things from outside of the repos, and keep SELinux running, there's a so-close-to-zero chance of you having a problem that it's not worth worrying about.
Unlike Windows, our mail clients don't automatically run executables that have been attached to emails, etc. You have to choose to run executables.
Maybe I'm remembering wrong, but I recall over a decade ago being advised on this list to use 2 tools to watch for malware on this workstation: chkrootkit and rkhunter. (I was also advised that those tools are not perfect.) Being not an IT professional, and trusting that those list members that do the helping are experienced professionals (though not perfect), I live by that advice and run both tools weekly. Also, don't these tools check for more than just rootkits?
By the way, I notice that rkhunter was last patched on my workstation in June of 2022. But its webpage show its last update to be March of 2024. Our repository almost a year behind on this?