Sei que isso j� rodou por aqui algumas vezes, j� dei uma olhada no faq, mas gostaria da opini�o de vcs a respeito. Rodei o chkrootkit na minha m�quina e a �nica coisa estranha que a apareceu foi:
Checking `lkm'... You have 21 process hidden for readdir command You have 21 process hidden for ps command Warning: Possible LKM Trojan installed ai executei: ./chkrootkit -x lkm (p/ ver que processos s�o estes) me retornou isso: ROOTDIR is `/' ### ### Output of: ./chkproc -v -v ### PID 10133: not in readdir output PID 10133: not in ps output CWD 10133: /home/teste EXE 10133: /usr/local/java/bin/java PID 10134: not in readdir output PID 10134: not in ps output CWD 10134: /home/teste EXE 10134: /usr/local/java/bin/java PID 10135: not in readdir output PID 10135: not in ps output CWD 10135: /home/teste EXE 10135: /usr/local/java/bin/java PID 10136: not in readdir output PID 10136: not in ps output CWD 10136: /home/teste EXE 10136: /usr/local/java/bin/java PID 10137: not in readdir output PID 10137: not in ps output CWD 10137: /home/teste EXE 10137: /usr/local/java/bin/java PID 10138: not in readdir output PID 10138: not in ps output CWD 10138: /home/teste EXE 10138: /usr/local/java/bin/java PID 10139: not in readdir output PID 10139: not in ps output CWD 10139: /home/teste EXE 10139: /usr/local/java/bin/java PID 10142: not in readdir output PID 10142: not in ps output CWD 10142: /home/teste EXE 10142: /usr/local/java/bin/java PID 10144: not in readdir output PID 10144: not in ps output CWD 10144: /home/teste EXE 10144: /usr/local/java/bin/java PID 10145: not in readdir output PID 10145: not in ps output CWD 10145: /home/teste EXE 10145: /usr/local/java/bin/java PID 10146: not in readdir output PID 10146: not in ps output CWD 10146: /home/teste EXE 10146: /usr/local/java/bin/java PID 10147: not in readdir output PID 10147: not in ps output CWD 10147: /home/teste EXE 10147: /usr/local/java/bin/java PID 10149: not in readdir output PID 10149: not in ps output CWD 10149: /home/teste EXE 10149: /usr/local/java/bin/java PID 10155: not in readdir output PID 10155: not in ps output CWD 10155: /home/teste EXE 10155: /usr/local/java/bin/java PID 10156: not in readdir output PID 10156: not in ps output CWD 10156: /home/teste EXE 10156: /usr/local/java/bin/java PID 10159: not in readdir output PID 10159: not in ps output CWD 10159: /home/teste EXE 10159: /usr/local/java/bin/java PID 10160: not in readdir output PID 10160: not in ps output CWD 10160: /home/teste EXE 10160: /usr/local/java/bin/java You have 17 process hidden for readdir command You have 17 process hidden for ps command deu p/ perceber que o problema (se � que � problema) � com a VM da SUN (java), ou interpretei mal os logs? da� perceb� que estava executando o chkrootkit em um terminal no kde e que eu estava com o netbeans (IDE java da SUN) aberto... ent�o fechei o netbeans e executei novamente o chkrootkit, mas desta vez (com o netbeans fechado) n�o reportou nenhum LKM ou outro problema... a d�vida que fica � a seguinte: isso foi alarme falso? ou a minha VM java est� bichada (ou o qu�), neste caso: como, se LKM � no kernel e pelo que sei java n�o � m�dulo (e o que isso tem a ver com o ps e o readdir)... --------------------------------------------------------------------------- Esta lista � patrocinada pela Conectiva S.A. Visite http://www.conectiva.com.br Arquivo: http://bazar2.conectiva.com.br/mailman/listinfo/linux-br Regras de utiliza��o da lista: http://linux-br.conectiva.com.br FAQ: http://www.zago.eti.br/menu.html
