On 10 July 2012 18:05, Darrel <levitch%iglou.com@localhost> wrote:
Hello,
Unless you do not trust the package, will anyone please run chkrootkit on
NetBSD6-beta and find if it reports netstat as infected?
I have run this computer without a firewall for a couple of days until New
Packet Firewall was compiled into the kernel and is operational; however,
all of my computers are running behind a gateway running Packet Filter.
Looks to be false positive - it runs a strings on netstat and looks for
/dev/hdl0/dev/xdta|/dev/ttyoa|/dev/pty[pqrsx]|/dev/cui|/dev/hdn0|/dev/cui221|/dev/dszy|/dev/ddth3|/dev/caca|^/prof|/dev/tux|grep|addr\.h
which in the case of NetBSD's netstat matches on mobile_regreply ('grep')