I believe it's better for rkhunter to be initialised on a fresh install, but I think it also checks for the existence of files known to be part of a rootkit. Admittedly of minor value.
The thing *not* to do with an infected system is initialise the rkhunter db.
Lesley
At Wed, 22 Jan 2014 19:47:27 +0700,
Andika Triwidada wrote:
On Wed, Jan 22, 2014 at 7:37 PM, Nico Angenon <nico@creaweb.fr> wrote:the same...no output....
could be hidden by rootkit :(
I think so too.
Could you try to use debsum and rkhunter? It would find cracked
commands.
--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: [🔎] 87ob3338mc.wl%knok@daionet.gr.jp" target="_blank">http://lists.debian.org/[🔎] 87ob3338mc.wl%knok@daionet.gr.jp