On 1-Dec-08, at 7:00 PM, Al G wrote:
I just joined your list, and I've got some problems with my computer.I have Ubuntu Hardy Heron OS, and I think that I have accidentally had a keylogger and some other root kits installed on it.
Hi JayI think it's important that you explain WHY you think you have a keylogger etc. It's not likely (but possible) that a beginning user would run into those kind of issues. Perhaps you are misinterpreting something.
Now, on to using rkhunter... You don't actually need to know where it is :-)It's a program that only runs in a terminal. So, start a terminal by going to Applications -> Accessories -> Terminal
Now, at the prompt, type
sudo rkhunter --update
You'll see something like this.... First it asks you for your password
[sudo] password for administrator:
Then it will go and make sure it's all up to date.
[ Rootkit Hunter version 1.3.0 ] Checking rkhunter data files...Checking file mirrors.dat [ No update ] Checking file programs_bad.dat [ No update ] Checking file backdoorports.dat [ No update ] Checking file suspscan.dat [ No update ] Checking file i18n/cn [ No update ] Checking file i18n/en [ No update ] Checking file i18n/zh [ No update ] Checking file i18n/zhutf [ No update ]
OK - now we know it's up to date, we'll run a real check on our system. So, type
sudo rkhunter --check
You'll get lots and lots of stuff. Don't freak out at anything you see, just post it here and we can discuss it further. When you first run rkhunter it will warn you about a number of items that may or may not be an issue - it needs human judgement to fine tune it to your system when first installed. Once it's set up, it will be easy going forward.
So, to recap 1 - why do you think you have a problem 2 - run rkhunter as suggested and post us back with the output Brian
PGP.sig
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
