Re: how to run debsums for 'ps' and 'readline'

To: debian-user@lists.debian.org
Subject: Re: how to run debsums for 'ps' and 'readline'
From: Tzafrir Cohen <tzafrir@cohens.org.il>
Date: Fri, 19 Dec 2008 12:29:42 +0000
Message-id: <[🔎] 20081219122942.GO23522@pear.tzafrir.org.il>
In-reply-to: <[🔎] 102E33C8-1B5C-4269-A376-B423821F0C8A@onemanifest.net>
References: <[🔎] 102E33C8-1B5C-4269-A376-B423821F0C8A@onemanifest.net>

On Fri, Dec 19, 2008 at 12:25:55PM +0100, oneman wrote:
> Hi All,
>
>
> chkrootkit is complaining about processes hidden from ps and readdir. So 
> I'd like to run debsums on them to test the integrity of ps and readdir. 
> However, 'debsums ps' doesn't work. Wich package name should I use to 
> check the integrity of these two?

Something that helped me to get a different point of view on such a 
system was a busybox binary. IIRC we have a package with a rather 
complete and statically-linked busybox binary. You could also try 
'busybox ps' and such. 

Again, not a fix, but a different point of view.

-- 
Tzafrir Cohen         | tzafrir@jabber.org | VIM is
http://tzafrir.org.il |                    | a Mutt's
tzafrir@cohens.org.il |                    |  best
ICQ# 16849754         |                    | friend

Reply to:

References:
- how to run debsums for 'ps' and 'readline'
  - From: oneman <lists@onemanifest.net>

Prev by Date: Problem after upgrade
Next by Date: Re: xserver-xorg under lenny
Previous by thread: Re: how to run debsums for 'ps' and 'readline'
Next by thread: Re: how to run debsums for 'ps' and 'readline'
Index(es):
- Date
- Thread