Re: how to run debsums for 'ps' and 'readline'

To: oneman <lists@onemanifest.net>
Cc: "debian users" <debian-user@lists.debian.org>
Subject: Re: how to run debsums for 'ps' and 'readline'
From: "James Youngman" <jay@gnu.org>
Date: Sat, 20 Dec 2008 09:43:30 +0000
Message-id: <[🔎] c5df85930812200143s772af08cieb76914c100e6fcd@mail.gmail.com>
In-reply-to: <[🔎] 102E33C8-1B5C-4269-A376-B423821F0C8A@onemanifest.net>
References: <[🔎] 102E33C8-1B5C-4269-A376-B423821F0C8A@onemanifest.net>

On Fri, Dec 19, 2008 at 11:25 AM, oneman <lists@onemanifest.net> wrote:
> Hi All,
>
>
> chkrootkit is complaining about processes hidden from ps and readdir. So I'd
> like to run debsums on them to test the integrity of ps and readdir.
> However, 'debsums ps' doesn't work. Wich package name should I use to check
> the integrity of these two?

readdir is a function in the C library.    If it is being fooled, the
problem is either in the C library (which busybox will almost
certainly also use) or in the kernel (which everything uses).

Probably the best option is to boot from a known-good CD or DVD and
run your diagnostic tools from that.

James.

Reply to:

Follow-Ups:
- Re: how to run debsums for 'ps' and 'readline'
  - From: Celejar <celejar@gmail.com>

References:
- how to run debsums for 'ps' and 'readline'
  - From: oneman <lists@onemanifest.net>

Prev by Date: Re: xserver-xorg under lenny: SOLVED
Next by Date: Re: [OT]I just got a phish call!!!
Previous by thread: Re: how to run debsums for 'ps' and 'readline'
Next by thread: Re: how to run debsums for 'ps' and 'readline'
Index(es):
- Date
- Thread