Improving Chkrootkit output?
I am finding the long email that chkrootkit sends to be cumbersome to wade through. With hundreds of lines saying "not infected" it is very difficult to look for one that says "infected". Is there any way to have chkrootkit simply report on what IS infected rather than listing what is not?
Also, what is up with "Checking `bindshell'... INFECTED (PORTS: 465)" - everyone knows it is a false positive and ignores it - how can I make it stop reporting?
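One way to get the report the post asks for, as an added example that is not part of the original post: a filter that keeps only `INFECTED` lines and drops findings that have already been investigated, matched exactly so that a bindshell line with any other port list still shows up. The function names, the `ALLOWED_FINDINGS` variable and the sample report lines are assumptions constructed for illustration, following the line format quoted in the post.

```shell
#!/bin/sh
# Added example: reduce a chkrootkit report to the findings that need attention.
# Function names and ALLOWED_FINDINGS are hypothetical; sample lines are constructed.

# Findings already investigated and accepted, one per line, matched exactly
# (after whitespace normalisation). Exported so awk can read it via ENVIRON.
ALLOWED_FINDINGS="Checking \`bindshell'... INFECTED (PORTS: 465)"
export ALLOWED_FINDINGS

filter_report() {
    # Reads a chkrootkit report on stdin; prints only INFECTED lines that are
    # not allowlisted. "not infected" is lowercase, so it never matches.
    awk '
        function squeeze(s) {
            gsub(/[ \t]+/, " ", s); sub(/^ /, "", s); sub(/ $/, "", s)
            return s
        }
        BEGIN {
            n = split(ENVIRON["ALLOWED_FINDINGS"], a, "\n")
            for (i = 1; i <= n; i++) if (a[i] != "") ok[squeeze(a[i])] = 1
        }
        /INFECTED/ { line = squeeze($0); if (!(line in ok)) print line }
    '
}

sample_report() {
    # Constructed report; $1 is the bindshell line to embed.
    printf '%s\n' \
        "Checking \`amd'... not found" \
        "Checking \`basename'... not infected" \
        "$1" \
        "Checking \`chsh'... not infected"
}

# Known finding: prints nothing, so there is nothing left to mail.
sample_report "Checking \`bindshell'... INFECTED (PORTS:  465)" | filter_report
# A port list that differs from the accepted one is still reported.
sample_report "Checking \`bindshell'... INFECTED (PORTS:  465 1524)" | filter_report
# Real use from the scheduled job: chkrootkit 2>&1 | filter_report
```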