Hello Eddy, On Mon, 30 Jul 2007 20:14:19 +0200 Eddy Belew <[EMAIL PROTECTED]> wrote: >I get this email everyday and 'weird' things are happening to my >server.
So apparently it's an ongoing situation that hasn't been corrected. We also seem to be missing info. What does "weird things happening" mean? >I have a very old Redhat Install. Need help. RHL (not RHEL) reached End-of-Life years ago. This means you miss out on crucial security and other updates. Sure you can keep alive an old RHL box if you know what to do but if you don't have the knowledge or can't invest the time then a cold migration is the only acceptable path. You see it's not only a risk for you or your business but all other Internet users. >/bin/dmesg: FAILED >/bin/mount: FAILED open or read "FAILED" means like the file ain't there. >/bin/dmesg [ BAD ] >/bin/kill [ BAD ] >/bin/login [ BAD ] >/bin/mount [ BAD ] These have changed contents, but that does not tell you the cause. You should verify them against your RPM database or even better against RPM's from an installer CD or remote repo. >Do I have a rootkit installed??? Hard to tell with so little information. I suggest you read these two docs before you act on it: Intruder Detection Checklist (CERT): http://www.cert.org/tech_tips/intruder_detection_checklist.html Steps for Recovering from a UNIX or NT System Compromise (CERT): http://www.cert.org/tech_tips/root_compromise.html If there's anything you want to ask: go right ahead, but please post some more (detailed) information. Regards, unSpawn -- HASH(0x8befbdc) HASH(0x8beac78) http://tagline.hushmail.com/fc/Ioyw6h4eKQFdFRihN0d6gd3yW8k3FhedMLzsDEINiewClaqRtlogZS/ ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
