Re: chrootkit suspicious files and directories

To: debian-user@lists.debian.org
Subject: Re: chrootkit suspicious files and directories
From: Sthu Deus <sthu.deus@gmail.com>
Date: Mon, 4 Feb 2013 13:06:27 +0700
Message-id: <[🔎] 510f4feb.0329700a.6c69.190b@mx.google.com>
In-reply-to: <[🔎] 20130204022859.5a560dca@fx4100>
References: <[🔎] 20130204022859.5a560dca@fx4100>

Good time of the day, sp11.

You wrote:

> chrootkit gives following message:
> 
> Searching for suspicious files and dirs, it may take a while...
>  
> The following suspicious files and directories were found: 
> 
> /usr/lib/pymodules/python2.6/PyQt4/uic/widget-plugins/.noinit 
> /usr/lib/pymodules/python2.6/.path 
> /usr/lib/pymodules/python2.5/PyQt4/uic/widget-plugins/.noinit 
> /usr/lib/pymodules/python2.5/.path 
> /usr/lib/icedove/.autoreg 
> /usr/lib/xulrunner-1.9.1/.autoreg 
> /usr/lib/iceweasel/.autoreg 
> /usr/lib/iceape/.autoreg 
> /usr/lib/jvm/.java-6-openjdk.jinfo 
> /usr/lib/jvm/java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo 
> /lib/init/rw/.ramfs
> 
> Running Squeeze on amd64.
> 
> Any ideas?

After several false positives I removed the kit years ago, since that
slept peacefully.

Of course it does not mean that nothing should be done instead. All I
want to say is that it is not trustworthy - You just can not judge
right having its results.

Sthu.

Reply to:

References:
- chrootkit suspicious files and directories
  - From: sp11 <sp113438@telfort.nl>

Prev by Date: Re: how to get missing multimedia packages
Next by Date: Re: chrootkit suspicious files and directories
Previous by thread: Re: chrootkit suspicious files and directories
Next by thread: Re: chrootkit suspicious files and directories
Index(es):
- Date
- Thread