port-i386: Re: Chkrootkit 0.44

Subject: Re: Chkrootkit 0.44
To: Adrian Portelli <adrianp@stindustries.net>
From: David Maxwell <david@crlf.net>
List: port-i386
Date: 09/14/2004 11:40:09

On Tue, 14 Sep 2004, Adrian Portelli wrote:
> "sh -x chkrootkit" gives this on a stock 1.6.2 box (with security patches):
> 
> + [ NetBSD = FreeBSD -o NetBSD = NetBSD -o NetBSD = OpenBSD -a 1 0 -eq 1 ]
                                                                ^^^^^^^^^^

Yup. That's not a valid expression.

> [: 0: unexpected operator
> + STATUS=0
> + /usr/bin/strings+ /usr/bin/egrep -a 
> vejeta|xlogin|^@\(#\)klogin\.c|lets_log|sukasuka|/usr/lib/.ark?|SucKIT
> /usr/bin/login
> 
> + return 0
> + STATUS=0
> + [  = t ]
> + echo INFECTED
> INFECTED
> 
> Problem with the script ?

-- 
David Maxwell, david@vex.net|david@maxwell.net --> From a real request to a
helpdesk "Can you please open the following ports in the firewall: 1024-90000"
						- Anonymous to protect the guilty