[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: My machine compromised?

On Wed, 03 Dec 2003 01:03:34 -0800, Vanh Phom wrote:

> Hi folk,
> After reading on report of servers compromised. Just for curiorsity I
> run chkrootkit on my own machine and come up with this result:
> Searching for anomalies in shell history files... nothing found
> Checking `asp'... not infected
> Checking `bindshell'... not infected
> Checking `lkm'... You have    12 process hidden for readdir command
> You have    12 process hidden for ps command
> Warning: Possible LKM Trojan installed
> Checking `rexedcs'... not found
> Checking `sniffer'... 
> eth0: PROMISC
> Is my machine compromised? How to fix this?
> Vanh

Read "Running chrootkit" in http://www.wiggy.net/debian/developer-securing/

...oh, and try searching the list before posting, this question's been
covered at length over the last few days...


"I think that gay marriage is something that should be between a man and
a woman."

-- Arnold Schwarzenegger, Governor of California

Reply to: