On Mon, 2018-09-10 at 19:43 +0200, Markus Egg wrote:
> Am 10.05.18 um 04:04 schrieb Al Varnell:
> > How about this section:
> >
> > > Performing additional rootkit checks
> > > Checking for possible rootkit files and directories [None found]
> > > Checking for possible rootkit
Am 10.05.18 um 04:04 schrieb Al Varnell:
How about this section:
Performing additional rootkit checks
Checking for possible rootkit files and directories [None found]
Checking for possible rootkit strings [None found]
Sorry to BUMP this older thread but I
On Wed, 2018-05-09 at 10:21 -0400, Mark Misulich wrote:
> Hi,
> when I run rkhunter on my opensuse 42.3 linux Operating System, I get
> this result telling me that I have a possible rootkit.
>
> > Rootkit checks...
> > Rootkits checked : 500
> > Possible rootkits: 1
>
> I have looked
How about this section:
> Performing additional rootkit checks
> Checking for possible rootkit files and directories [ None found ]
> Checking for possible rootkit strings[ None found ]
-Al-
On Wed, May 09, 2018 at 07:02 PM, Mark Misulich wrote:
> Nope,
Nope, nothing in the list of rootkits you referenced is written in
red. They are all tagged "not found" in green. Every rootkit check
listed in the /var/log/rkhunter.log is listed as not found.
On Wed, 2018-05-09 at 15:13 -0700, Al Varnell wrote:
> Didn't you get a section above the summary
Didn't you get a section above the summary that looks something like this:
Checking for rootkits...
Performing check of known rootkit files and directories
55808 Trojan - Variant A [ Not found ]
ADM Worm [
Hi,
when I run rkhunter on my opensuse 42.3 linux Operating System, I get
this result telling me that I have a possible rootkit.
> Rootkit checks...
> Rootkits checked : 500
> Possible rootkits: 1
I have looked through the var/log/rkhunter.log and don't find anything
that stands out to
If you are absolutely sure it’s clean then whitelist it in rkhunter.conf.local.
#
# The following two options can be used to whitelist files and directories
# that would normally be flagged with a warning during the various rootkit
# and malware checks. If the file or directory name contains a
Mark Misulich wrote:
Hi,
I recently installed rkhunter-1.3.6 on my laptop computer on two
linux operating systems. On this laptop I have opensuse 11.1 and
Elive development version 1.9.51 installed, along with Win7. I just
purchased the laptop so both linux instalations are fresh installs.
On Thu, 2009-12-03 at 13:46 -0500, Mark Misulich wrote:
Rootkit checks...
Possible rootkits: 2
Rootkit names: Xzibit Rootkit, Xzibit Rootkit
This looks a little odd, but in some respects is correct. The Xzibit
rootkit has been detected in 2 different tests, and so is reported
Hi,
I recently installed rkhunter-1.3.6 on my laptop computer on two linux
operating systems. On this laptop I have opensuse 11.1 and Elive development
version 1.9.51 installed, along with Win7. I just purchased the laptop so both
linux instalations are fresh installs.
When I ran rkhunter -c
I got something similar recently. I think it was a phishing expedition.
Shouldn't you change the subject of your email when you start a new thread?
Dave
On Dec 3, 2007 12:24 AM, Johan Sundström [EMAIL PROTECTED] wrote:
Hi all!
I got the report below this morning, ive run the rkhunter and it
Hi all!
I got the report below this morning, ive run the rkhunter and it
reports no rootkit. Anyone seen this before? The computer using the ip-
adress is a linux-machine.
--
[EMAIL PROTECTED] - Sun Dec 02 17:20:21 2007]:
Greetings:
IP Address of attacker: xxx.yyy.zzz.zzz
Type of
Hi all!
I got the report below this morning, ive run the rkhunter and it
reports no rootkit. Anyone seen this before? The computer using the ip-
adress is a linux-machine.
--
[EMAIL PROTECTED] - Sun Dec 02 17:20:21 2007]:
Greetings:
IP Address of attacker: xxx.yyy.zzz.zzz
Type of
Hallo, Johan,
Du (johan.sundstrom) meintest am 03.12.07:
IP Address of attacker: xxx.yyy.zzz.zzz
Type of attack: URL Injection -- attempt to inject / load files onto
the server via PHP/CGI vulnerabilities
Sample log report including date and time stamp:
Request: onlinesurfnshop.com
Hi!
That much i understand.
Problem is that its not my apache-log. The IP wich is showing up in
the log is my server.(the one making the requests) So what is causing
it? Cant fint any rootkits with rkhunter..
Cheers!
/J
On 3 dec 2007, at 13.33, Helmut Hullen wrote:
Hallo, Johan,
Du
16 matches
Mail list logo