Fix for Windigo on Ubuntu/Debian variants that use new SSH version

Magentron / chkrootkit

This program locally checks for signs of a rootkit. 'Forked' to fix false-positive for SucKIT rootkit

http://www.chkrootkit.org/

Other

220 stars 57 forks source link

Fix for Windigo on Ubuntu/Debian variants that use new SSH version #2

Closed cookiengineer closed 8 years ago

cookiengineer commented 8 years ago

On Ubuntu and Debian variants, SSH outputs the usage now when ssh -G is used, because that flag is not supported anymore.

This fix just inserts another else if condition that checks whether SSH prints the usage or not. If the usage is put to stdout, everything is fine and the false positive can be ignored.

cookiengineer commented 8 years ago

Related issue is #1

cookiengineer commented 8 years ago

Hm yes, seems so. Already shouted out an email back then, but no reply from original maintainers. Seems that chkrootkit is a dead project :-/

Magentron commented 8 years ago

Hi guys, I will have a look at it next week.