[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] What do I have to do??

Subject: Re: [cobalt-developers] What do I have to do??
From: DNSAdmin <dnsadmin@xxxxxxxxxxxxx>
Date: Mon Aug 18 07:14:01 2003
List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>

At 09:53 AM 8/17/2003 +0200, you wrote:

I one log of chrootkit I found this:

Checking `lkm'... You have     1 process hidden for readdir command
You have     1 process hidden for ps command
Warning: Possible LKM Trojan installed

What do I have to do to remove this Trojan?

Thank you,

Rolf Berkenbosch


Hello Rolf,

It is common and frequent to get these sort of false positives. First,login to the machine ona terminal and re-run chkrootkit manually. If youget another positive, wait and run again. Finally, should you still showpositives, you should research what to look for on the corrupted system.


It is most likely nothing to worry about.

Cheers!

Prev by Date: [cobalt-developers] Tomcat error on a 550
Next by Date: RE: [cobalt-developers] Tomcat error on a 550
Previous by thread: [cobalt-developers] What do I have to do??
Next by thread: [cobalt-developers] RaQ3-RaQ4-MySQL-3.23.54-1.pkg

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index