X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Frootcheck%2Fdb%2Frootkit_trojans.txt;h=523770ccec215aea1f98dd1619ddb83e3e77833f;hp=b2cfa86a5c5822b10b73413c42bd865ca88e9765;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hpb=301048b51990573e58a30dc4a5bb4ec285cad554 diff --git a/src/rootcheck/db/rootkit_trojans.txt b/src/rootcheck/db/rootkit_trojans.txt index b2cfa86..523770c 100755 --- a/src/rootcheck/db/rootkit_trojans.txt +++ b/src/rootcheck/db/rootkit_trojans.txt @@ -1,4 +1,5 @@ -# @(#) $Id$ +# @(#) $Id: ./src/rootcheck/db/rootkit_trojans.txt, 2012/04/26 dcid Exp $ + # # rootkit_trojans.txt, (C) Daniel B. Cid # Imported from the rootcheck project. @@ -68,7 +69,7 @@ xinetd !bash|file\.h|proc\.h! in.telnetd !cterm100|vt350|VT100|ansi-term|bash|^/bin/sh|/dev[A-R]|/dev/[a-z]/! in.fingerd !bash|^/bin/sh|cterm100|/dev/! identd !bash|^/bin/sh|file\.h|proc\.h|/dev/[^n]|^/bin/.*sh! -init !bash|/dev/h|HOME! +init !bash|/dev/h tcpd !bash|proc\.h|p1r0c4|hack|/dev/[^n]! rlogin !p1r0c4|r00t|bash|/dev/[^nt]! @@ -80,8 +81,6 @@ kill !/dev/[ab,d-k,m-z]|/dev/[F-Z]|/dev/[A-D]|/dev/[0-9]|proc\.h|bash|tmp! # Rootkit entries -/sbin/init !HOME! Suckit rootkit -/proc/1/maps !init.! Suckit rootkit /etc/rc.d/rc.sysinit !enyelkmHIDE! enye-sec Rootkit
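Review bot: The replacement `init` entry in the second hunk, `init !bash|/dev/h`, has lost its closing `!`, while every other entry visible around it (`identd`, `tcpd`, `rlogin`, `kill`) still ends its pattern with that delimiter. The rootcheck loader is not shown on this page, so this needs confirming, but if it requires the terminating `!` the line will be skipped or misparsed and `init` will silently stop being checked. Removing only the `HOME` alternative would read `init !bash|/dev/h!`. The last hunk also deletes the `/sbin/init !HOME!` and `/proc/1/maps !init.!` Suckit entries, so taken together the commit may leave no signature that looks at `init`. A comment in the file such as `# HOME and Suckit init checks removed: false positives on <distro/version>` would tell later auditors that the coverage gap is deliberate.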