Re: My machine compromised?

On Wed, 03 Dec 2003 01:03:34 -0800, Vanh Phom wrote:

> Hi folks,
> After reading a report of servers compromised, just for curiosity I
> ran chkrootkit on my own machine and came up with this result:
> Searching for anomalies in shell history files... nothing found
> Checking `asp'... not infected
> Checking `bindshell'... not infected
> Checking `lkm'... You have    12 process hidden for readdir command
> You have    12 process hidden for ps command
> Warning: Possible LKM Trojan installed
> Checking `rexedcs'... not found
> Checking `sniffer'... 
> eth0: PROMISC
> Is my machine compromised? How to fix this?
> Vanh

Read "Running chrootkit" in http://www.wiggy.net/debian/developer-securing/

...oh, and try searching the list before posting, this question's been
covered at length over the last few days...


