Re: how to run debsums for 'ps' and 'readline'
On Fri, Dec 19, 2008 at 11:25 AM, oneman <lists@onemanifest.net> wrote:
> Hi All,
>
>
> chkrootkit is complaining about processes hidden from ps and readdir. So I'd
> like to run debsums on them to test the integrity of ps and readdir.
> However, 'debsums ps' doesn't work. Wich package name should I use to check
> the integrity of these two?
readdir is a function in the C library. If it is being fooled, the
problem is either in the C library (which busybox will almost
certainly also use) or in the kernel (which everything uses).
Probably the best option is to boot from a known-good CD or DVD and
run your diagnostic tools from that.
James.
Reply to: