
Re: WTF? several anon_inode and /dev/null listings with lsof search



On Mon, Aug 06, 2012 at 05:37:23PM -0400, rabidblogger@Safe-mail.net wrote:
> $ lsof | grep anon_inode
> anon_inode
This is an anonymous inode. For example, the process opens a file on disk
and then unlinks it.

After that there isn't a filesystem entry attached to the inode anymore,
so others can't open it. The process which holds the open file
can operate on it until it closes it.

> 
> $ lsof | grep dev/null
> /dev/null
> 

For /dev/null, note that there are many processes that open it; it is mainly
used by daemons, whose stdin, stdout and stderr are redirected to /dev/null.

--
Thanks,
Chengwei

> I find several anon_inodes and over a dozen /dev/null listings, in some listings for each there are several processes which are repeated. I'm expecting this to be a rootkit, but none of the rootkit scanners find anything. Why are these two listings appearing for various processes? I'm not running any virtual machines, emulation, shares, printers, servers, etc. but these listings continue to appear, it doesn't matter what Linux distro I use, these continue to show, even when disconnected from the internet.
> 
> What are they?
> Why are they appearing?
> How can I stop these from running? (if they're bad)
> 
> I've searched the web and cannot find anything which explains these to my satisfaction.

Attachment: signature.asc
Description: Digital signature
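
Added example, not part of the original thread: a shell script that classifies the link targets found under /proc/<pid>/fd, so anon_inode entries, /dev/null and unlinked-but-still-open files can be counted separately when triaging a listing like the one above. The function names and sample lines are constructed; on Linux, anon_inode targets name kernel objects such as eventpoll or eventfd, and an unlinked open file shows its old path with a " (deleted)" suffix.

```shell
#!/bin/sh
# Added example: classify open-descriptor targets as read from /proc/<pid>/fd.
# Function names and the sample lines below are constructed for illustration.

# classify_fd_target TARGET -> prints one category label
classify_fd_target() {
    case "$1" in
        'anon_inode:'*)              # kernel object with no path: eventpoll, eventfd, ...
            t=${1#anon_inode:}; t=${t#\[}; t=${t%\]}
            echo "anon_inode:$t" ;;
        /dev/null)     echo "devnull" ;;
        *' (deleted)') echo "deleted-file" ;;   # opened, then unlinked
        'socket:['*)   echo "socket" ;;
        'pipe:['*)     echo "pipe" ;;
        *)             echo "path" ;;
    esac
}

# summarize: read "PID COMM FD TARGET" lines on stdin, print "COUNT CATEGORY"
summarize() {
    while read -r pid comm fd target; do
        if [ -n "$target" ]; then classify_fd_target "$target"; fi
    done | sort | uniq -c | awk '{print $1, $2}'
}

# scan_proc: emit the same line format for every descriptor this user can read
scan_proc() {
    for link in /proc/[0-9]*/fd/*; do
        target=$(readlink "$link" 2>/dev/null) || continue
        pid=${link#/proc/}; pid=${pid%%/*}
        comm=$(tr ' ' '_' 2>/dev/null <"/proc/$pid/comm") || comm='?'
        echo "$pid $comm ${link##*/} $target"
    done
}

# Constructed sample so the script runs anywhere; use `scan_proc | summarize` live.
sample_fds() {
    cat <<'EOF'
812 dbus-daemon 3 anon_inode:[eventpoll]
812 dbus-daemon 0 /dev/null
1033 cron 0 /dev/null
1033 cron 1 /dev/null
1540 gvfsd 5 anon_inode:[eventfd]
1540 gvfsd 6 anon_inode:inotify
2101 editor 4 /tmp/scratch.swp (deleted)
2101 editor 7 socket:[18233]
EOF
}

sample_fds | summarize
```

Run as root, `scan_proc | summarize` covers every process; as an ordinary user it covers only that user's own processes.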