chainguard-dev / bincapz

detect malicious program behaviors
Apache License 2.0

possible false positive: combo/router/malware in apko #132

Closed tstromberg closed 4 months ago

tstromberg commented 4 months ago

We should probably understand why apko cares about telnetd.

| 4/CRITICAL | combo/router/malware            | accesses paths seen in router malware: "/bin/busybox                                                    |
|            |                                 | /usr/bin/ps                                                                                             |
|            |                                 | /usr/sbin                                                                                               |
|            |                                 | /wget                                                                                                   |
|            |                                 | telnetd"                                                                                                |