[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Raq550: chkrootkit .39a output question

Subject: RE: [cobalt-users] Raq550: chkrootkit .39a output question
From: "Gavin Nelmes-Crocker" <cobalt@xxxxxxxxxxxxxxxx>
Date: Sat Feb 22 10:30:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> I upgraded my chkrootkit from 37 to 39a and everything lists not
> infected or not found expect the
> following lines.  Am I missing something?
>
>   Checking `sniffer'... not tested: can't exec ./ifpromisc
>   Checking `wted'... not tested: can't exec ./chkwtmp
>   Checking `z2'... not tested: can't exec ./chklastlog

I suspect there is nothing wrong on the RaQ except the way you are calling
the chkrootkit script, you get this error if you call it by

/home/tools/chkrootkit-039a/chkrootkit

as opposed to the recommended way form the www.chkrootkit.org web site

(cd /path/to/chkrootkit; ./chkrootkit 2>&1 | mail -s "chkrootkit output"
root)

The annoying thing is that everything else works but the script for those
checks doen't seem to reference them fully it expects to be in the same
directory therefore you get that error.

Hope this helps, I had the same problem it took me a bit of thinking to
explain as I could run the tests on their own fine and then I realised when
I ran chkrootkit form within the directory everything was fine.

Regards

Gavin

Follow-Ups:
- Re: [cobalt-users] Raq550: chkrootkit .39a output question
  - From: John D. Gorena

References:
- [cobalt-users] Raq550: chkrootkit .39a output question
  - From: John D. Gorena

Prev by Date: [cobalt-users] New OpenWebMail Release?
Next by Date: Re: [cobalt-users] Raq550: chkrootkit .39a output question
Previous by thread: [cobalt-users] Raq550: chkrootkit .39a output question
Next by thread: Re: [cobalt-users] Raq550: chkrootkit .39a output question

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index