Chkrootkit False Positive?


After setting up a fresh Kali system in VB, I decided to do a chkrootkit to check the filesystem. Chkrootkit identified a lot of suspicious files. Is this a false positive or something to be concerned about?

The following suspicious files and directories were found:
/usr/lib/ruby/vendor_ruby/bundler/templates/newgem/.travis.yml.tt /usr/lib/ruby/vendor_ruby/libv8/.location.yml /usr/lib/python3/dist-packages/tabulate-0.7.7.egg-info/.PKG-INFO.swp /usr/lib/python3/dist-packages/.hypothesis /usr/lib/python3/dist-packages/matplotlib/tests/baseline_images/.keep /usr/lib/python3/dist-packages/PyQt4/uic/widget-plugins/.noinit /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-mediawiki-e7970d1c6b56/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-mediawiki-e7970d1c6b56/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-projects-2a56756753c4/.ruby-version /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-projects-2a56756753c4/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-projects-2a56756753c4/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-brakeman-4d66e9cefa2f/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-brakeman-4d66e9cefa2f/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-brakeman-4d66e9cefa2f/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-calculator_cvss-5d5c765f53dc/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-calculator_cvss-5d5c765f53dc/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-calculator_dread-41f9bbfee6b1/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-calculator_dread-41f9bbfee6b1/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-acunetix-3d71364306fc/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-acunetix-3d71364306fc/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-acunetix-3d71364306fc/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nessus-29282b0e8838/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nessus-29282b0e8838/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nessus-29282b0e8838/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-zap-350c69e4acbd/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-vulndb-736afd98c8cd/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-vulndb-736afd98c8cd/.gitignore 
/usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nexpose-ed7256c8cdb7/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nexpose-ed7256c8cdb7/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nexpose-ed7256c8cdb7/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-csv-0199fa1055bb/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-csv-0199fa1055bb/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-csv-0199fa1055bb/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-ntospider-7f6d232f1fe6/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-ntospider-7f6d232f1fe6/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-plugins-4405464bf845/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-plugins-4405464bf845/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-plugins-4405464bf845/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-qualys-b3c68822761c/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-qualys-b3c68822761c/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-qualys-b3c68822761c/spec/.keep /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-qualys-b3c68822761c/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nmap-8931fd001401/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nmap-8931fd001401/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nmap-8931fd001401/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-openvas-f9da3b0e222d/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-openvas-f9da3b0e222d/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-openvas-f9da3b0e222d/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-html_export-6ad8447a6ffd/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-html_export-6ad8447a6ffd/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-html_export-6ad8447a6ffd/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-html_export-6ad8447a6ffd/.travis.yml /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-metasploit-4a5a6ad833cf/.git 
/usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-metasploit-4a5a6ad833cf/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-metasploit-4a5a6ad833cf/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-burp-3fc2c7985c81/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-burp-3fc2c7985c81/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-burp-3fc2c7985c81/.rspec /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-netsparker-0e9364dd80d1/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-netsparker-0e9364dd80d1/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nikto-c39e165c5dbb/.git /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nikto-c39e165c5dbb/.gitignore /usr/lib/dradis/ruby/2.3.0/bundler/gems/dradis-nikto-c39e165c5dbb/.rspec /usr/lib/dradis/ruby/2.3.0/gems/mini_mime-1.0.0/.gitignore /usr/lib/dradis/ruby/2.3.0/gems/mini_mime-1.0.0/.travis.yml /usr/lib/dradis/ruby/2.3.0/gems/railties-5.1.5/lib/rails/generators/rails/generator/templates/templates/.empty_directory /usr/lib/dradis/ruby/2.3.0/gems/redis-3.3.5/test/db/.gitkeep /usr/lib/dradis/ruby/2.3.0/gems/redis-3.3.5/.travis /usr/lib/dradis/ruby/2.3.0/gems/redis-3.3.5/.gitignore /usr/lib/dradis/ruby/2.3.0/gems/redis-3.3.5/.yardopts /usr/lib/dradis/ruby/2.3.0/gems/redis-3.3.5/.travis.yml /usr/lib/dradis/ruby/2.3.0/gems/sinatra-2.0.0/.yardopts /usr/lib/dradis/ruby/2.3.0/gems/paper_trail-6.0.2/.rubocop_todo.yml /usr/lib/dradis/ruby/2.3.0/gems/paper_trail-6.0.2/.gitignore /usr/lib/dradis/ruby/2.3.0/gems/paper_trail-6.0.2/.rubocop.yml /usr/lib/dradis/ruby/2.3.0/gems/paper_trail-6.0.2/.rspec /usr/lib/dradis/ruby/2.3.0/gems/paper_trail-6.0.2/.github /usr/lib/dradis/ruby/2.3.0/gems/paper_trail-6.0.2/.travis.yml /usr/lib/dradis/ruby/2.3.0/gems/crass-1.0.3/.gitignore /usr/lib/dradis/ruby/2.3.0/gems/crass-1.0.3/.yardopts /usr/lib/dradis/ruby/2.3.0/gems/crass-1.0.3/.travis.yml /usr/lib/dradis/ruby/2.3.0/gems/websocket-driver-0.6.5/ext/websocket-driver/.RUBYARC

There were more; however, I decided not to copy and paste all of them, as there were a lot.

Spencer

Posted 2018-03-11T07:54:08.203

Reputation: 11

All of those files were installed by you when you installed Ruby. – Ramhound – 2018-03-11T16:34:16.957

Any explanation as to why I shouldn't worry about it? Also, I never installed Ruby, and that also doesn't answer the question: should I be concerned, or is this a false positive? – Spencer – 2018-03-11T17:03:17.857

Cool, thank you for the explanation. Are there real-time scanners available for Kali? – Spencer – 2018-03-19T04:14:03.863

No answers
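Every path in the pasted list is a dot-prefixed file or directory under /usr/lib, so one way to triage it is to ask the package manager which entries it installed. The script below is an added example, not part of the original thread; it assumes a Debian-based system such as Kali where `dpkg` is available, and the function names and the three sample paths (copied from the question) are chosen for illustration.

```shell
#!/bin/sh
# Added example: sort chkrootkit's "suspicious files" list by package ownership.
# Assumption: Debian-based system (Kali), so ownership is answered by dpkg.

# Three paths copied from the question, used only as sample input.
SAMPLE_PATHS='/usr/lib/dradis/ruby/2.3.0/gems/crass-1.0.3/.gitignore /usr/lib/python3/dist-packages/.hypothesis /usr/lib/dradis/ruby/2.3.0/gems/sinatra-2.0.0/.yardopts'

# Print the name of the package that ships a path, or nothing if none does.
# "dpkg -S <path>" prints "package: path" and fails when no package claims it.
owner_of() {
    dpkg -S "$1" 2>/dev/null | head -n 1 | cut -d: -f1
}

# Read chkrootkit's whitespace-separated path list on stdin and print one
# tab-separated line per entry: STATUS, owning package (or "-"), path.
# Paths containing spaces cannot be recovered from that output format.
triage_paths() {
    tr -s ' \t' '\n' | while IFS= read -r path || [ -n "$path" ]; do
        [ -n "$path" ] || continue
        pkg=$(owner_of "$path") || pkg=""
        if [ -n "$pkg" ]; then
            printf 'PACKAGED\t%s\t%s\n' "$pkg" "$path"
        else
            printf 'UNOWNED\t-\t%s\n' "$path"
        fi
    done
}

# Keep only the paths no package claims; these are the ones to inspect by hand
# (owner, timestamps, contents).
unowned_only() {
    triage_paths | awk -F'\t' '$1 == "UNOWNED" { print $3 }'
}

# Usage, with the list from the scan saved to a file:
#   triage_paths < flagged.txt
#   unowned_only < flagged.txt
# Packaged files can then be checked against the package's recorded checksums
# with: dpkg --verify <package>
```

An UNOWNED result is not proof of compromise, since editor swap files and caches are created at runtime, but it narrows a list of hundreds of paths to the few worth inspecting by hand.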