On 1-Dec-08, at 7:00 PM, Al G wrote:

I just joined your list, and I've got some problems with my computer.

I have Ubuntu Hardy Heron OS, and I think that I have accidentally had a keylogger and some other root kits installed on it.


Hi Jay

I think it's important that you explain WHY you think you have a keylogger etc. It's not likely (but possible) that a beginning user would run into those kind of issues. Perhaps you are misinterpreting something.

Now, on to using rkhunter...

You don't actually need to know where it is :-)

It's a program that only runs in a terminal. So, start a terminal by going to Applications -> Accessories -> Terminal

Now, at the prompt, type
 sudo rkhunter --update


You'll see something like this....
First it asks you for your password
[sudo] password for administrator:


Then it will go and make sure it's all up to date.

[ Rootkit Hunter version 1.3.0 ]

Checking rkhunter data files...
Checking file mirrors.dat [ No update ] Checking file programs_bad.dat [ No update ] Checking file backdoorports.dat [ No update ] Checking file suspscan.dat [ No update ] Checking file i18n/cn [ No update ] Checking file i18n/en [ No update ] Checking file i18n/zh [ No update ] Checking file i18n/zhutf [ No update ]


OK - now we know it's up to date, we'll run a real check on our system. So, type

sudo rkhunter --check

You'll get lots and lots of stuff. Don't freak out at anything you see, just post it here and we can discuss it further. When you first run rkhunter it will warn you about a number of items that may or may not be an issue - it needs human judgement to fine tune it to your system when first installed. Once it's set up, it will be easy going forward.

So, to recap

1 - why do you think you have a problem

2 - run rkhunter as suggested and post us back with the output

Brian

Attachment: PGP.sig
Description: This is a digitally signed message part

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users

Reply via email to