Re: how to fix rootkit?
On Wed, Feb 08, 2012 at 11:53:14AM +0300, firstname.lastname@example.org wrote:
> Today I found next things at squeeze. Please help to fix, I've no
> experience in such tasks.
> # chkrootkit
> ROOTDIR is `/'
> Checking `ifconfig'... INFECTED
> Checking `netstat'... INFECTED
Don't even try to fix, with the system rooted you cannot trust it.
The only safe course of action is to wipe the system and reinstall it.
If you need the data on the machine and have no current backups, boot
from a rescue CD (giving you a _clean_ environment) and copy the data
off, then wipe & reinstall.
"Opportunity is missed by most people because it is dressed in overalls and
looks like work." -- Thomas A. Edison