hi lists, below is the chkrootkit output on my linuxbox using redhat 9. can anyone plz. tell how to fix the problem. thanks
ROOTDIR is `/' Checking `basename'... Not vulnerable Checking `biff'... NOT TESTED Checking `chfn'... Not vulnerable Checking `chsh'... Not vulnerable Checking `cron'... Not vulnerable Checking `date'... Not vulnerable Checking `du'... INFECTED Checking `dirname'... Not vulnerable Checking `Echo'... Not vulnerable Checking `env'... Not vulnerable Checking `find'... INFECTED Checking `fingerd'... Not vulnerable Checking `grep'... Not vulnerable Checking `su'... Not vulnerable Checking `ifconfig'... INFECTED Checking `inetd'... Not vulnerable Checking `identd'... NOT TESTED Checking `killall'... INFECTED Checking `login'... Not vulnerable Checking `ls'... INFECTED Checking `mail'... Not vulnerable Checking `netstat'... INFECTED Checking `passwd'... Not vulnerable Checking `pidof'... Not vulnerable Checking `pop2'... NOT TESTED Checking `pop3'... NOT TESTED Checking `ps'... INFECTED Checking `pstree'... Not vulnerable Checking `rpcinfo'... Not vulnerable Checking `rshd'... Not vulnerable Checking `sendmail'... Not vulnerable Checking `sshd'... Not vulnerable Checking `syslogd'... Not vulnerable Checking `tar'... Not vulnerable Checking `tcpd'... Not vulnerable Checking `top'... INFECTED Checking `telnetd'... Not vulnerable Checking `timed'... NOT TESTED Checking `traceroute'... Not vulnerable Checking `write'... Not vulnerable Checking `asp'... Not vulnerable Checking `bindshell'... Not vulnerable Checking `z2'... Not Tested: can't exec ./chklastlog Checking `wted'... Not Tested: can't exec ./chkwtmp Checking `rexedcs'... Not vulnerable Checking `sniffer'... Not Tested: can't exec ./ifpromisc Checking `aliens'... /dev/ttyop /dev/ttyoa Searching for sniffer's logs, it may take a while... Nothing found Searching for t0rn's default files and dirs... Nothing found Searching for Lion Worm default files and dirs... Nothing found Searching for RSHA's default files and dir... Nothing found Searching for RH-Sharpe's default files... Possible RH-Sharpe's rootkit installed Searching for Ambient's rootkit (ark) default files and dirs... Nothing found Searching for suspicious files and dirs, it may take a while... /usr/lib/perl5/5.8.0/i386-linux-thread-multi/.packlist /usr/lib/perl5/5.8.0/i386-linux-thread-multi/auto/File/Spec/.packlist /usr/lib/perl5/5.8.0/i386-linux-thread-multi/auto/File/Temp/.packlist /usr/lib/perl5/5.8.0/i386-linux-thread-multi/auto/CGI/.packlist /usr/lib/perl5/5.8.0/i386-linux-thread-multi/auto/Text/.packlist /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/Bundle/Bugzilla/.packlist /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/AppConfig/.packlist /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/Data/Dumper/.packlist /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/Data/ShowTable/.packlist /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/DBI/.packlist /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/TimeDate/.packlist /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/Template/.packlist /usr/lib/openoffice/share/gnome/net/.directory /usr/lib/openoffice/share/gnome/net/.order /usr/lib/op enoffice/share/kde/net/applnk/OpenOffice.org/.directory /usr/lib/openoffice/share/kde/net/applnk/OpenOffice.org/.order /lib/security/.config /lib/security/.config Searching for Ramen Worm files and dirs... Nothing found Searching for RK17 files and dirs... Nothing found Searching for anomalies in shell history files... Warning: `//root/.openoffice/user/work //root/.openoffice/setup //root/.openoffice/soffice //root/.openoffice/spadmin //root/cvs-1.11.4/contrib/bin/rcs2log' is linked to another file Checking `lkm'... Not Tested: can't exec ./chkproc -- ___________________________________________________________ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ------------------------------------------------------- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
