And you can try something that was recommended to me by someone on this
list...chkrootkit. Go to http://www.chkrootkit.org, download
chkrootkit.tar.gz, untar it, compile it, and run it as root. It checks
for symptoms of a ton of rootkits.
On Tue, 13 Feb 2001, Nitebirdz wrote:
> On Mon, 12 Feb 2001, Ben Ocean wrote:
>
> > Date: Mon, 12 Feb 2001 23:48:53 -0800
> > From: Ben Ocean <[EMAIL PROTECTED]>
> > Reply-To: [EMAIL PROTECTED]
> > To: [EMAIL PROTECTED]
> > Subject: Missing Files
> >
> > Hi;
> > I'm missing some files on my 6.2 box, to wit:
> > >>>
> > /var/log/lastlog
> > /var/log/wtmp
> > missing /mod_dav-0.9.11-1.3.6.tar.gz
> > missing /mod_dav-0.9.8-1.3.6-rh.patch
> > missing /mod_dav.spec
> > missing /mod_dav_faq.html
> > missing /mod_dav_readme.txt
> > missing /usr/doc/Apache_JServ-1.0/modules.html
> > <<<
> > I though installing *logrotate-3.3.2-1.i386.rpm* would have worked for the
> > logs but apparently not. I've installed a newer version of mod_dav: do I
> > need to be concerned with those errors? I cannot locate Apache_JServ
> > anywhere: is that a concern?
> > TIA,
> > BenO
> >
>
>
> Dunno about the Apache files, but the first two that you mention in your
> email (lastlog and wtmp) are routinely erased by crackers when they want
> to clean up. So, yes, I'd worry about it. Look around for clues of a
> possible break-in. Whatever you do, don't be alarmed. Nevertheless, there
> is a good chance that your box has been broken into. If that's the case,
> simply save important data files to backup and reinstall making sure you
> reformat the hard drive.
>
>
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
