[Cialug] rootkit bug?
cialug@cialug.org
cialug@cialug.org
Thu, 10 Mar 2005 22:37:26 +0000
I think there might be a problem in chkrootkit. When it checks lkm, I get:
ps: error: Thread display not implemented.
And then I get the syntax screen for ps. I also noticed in the log posted later
in this thread, it looks like lkm was skipped. It says: "Checking `lkm'...
Checking `rexedcs'... not found". Notice there isn't a result for lkm before it
starts checking rexedcs.
Looking at chkproc.c, it uses "ps mauxw", whereas chkrootkit 0.44 used "ps
auxw". Evidently procps-2.0.7-11 can't handle thread display.
--
Tim W.
> just ran chkrootkit on my server and found out there may be a damn rootkit
> installed. what to do what to do?
>
> any help here would be hot.
>
>
> -------------------------
> want an email address ending in @c0wzftp.com?
> send an email on over to admin@c0wzftp.com
>
>
> _______________________________________________
> Cialug mailing list
> Cialug@cialug.org
> http://cialug.org/mailman/listinfo/cialug