[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: how to fix rootkit?

On Wed, Feb 08, 2012 at 11:53:14AM +0300, volk@lab127.karelia.ru wrote:
> Today I found next things at squeeze. Please help to fix, I've no
> experience in such tasks.
> # chkrootkit
> ROOTDIR is `/'
> Checking `ifconfig'...                                      INFECTED
> Checking `netstat'...                                       INFECTED

Don't even try to fix, with the system rooted you cannot trust it.
The only safe course of action is to wipe the system and reinstall it.

If you need the data on the machine and have no current backups, boot
from a rescue CD (giving you a _clean_ environment) and copy the data
off, then wipe & reinstall.

Kind regards,
"Opportunity is missed by most people because it is dressed in overalls and
 looks like work."                                      -- Thomas A. Edison

Reply to: