On one customer system chkrootkit is reporting "amd" and "syslogd" are both infected.
His box is a RaQ3; my other RaQ3 boxes don't have an "amd" file. The syslogd in question is NOT the standard one; it's in a different place, and is in addition to the standard one. I did some Google searches, but haven't found the answer. Has anyone come across this? Does anyone know what it is? Thanks. Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net P. O. Box 52672, Riverside, CA 92517 voice: (909) 778-9980 * fax: (702) 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
