On Thu, 11 Mar 2010 23:27:56 +0100 William Maddler <n...@maddler.net> wrote: >The point is that smtp and lmtp aren't supposed to be hidden processes :)
Then (unless anyone can confirm this is OK behaviour) please check: - '\ps axfwwwe' output for all Postfix processes and check their UID and GID matches, - 'lsof -Pwn' output for all Postfix processes and check the (/proc/PID/exe) smtp and lmtp executable locations match those of the others, - hashes of all components in use match those already known (debsums or better: "known good" package contents), - system and daemon logs for any anomalies. ... and if necessary attach (text file) details like relevant excerpts of rkhunter.log, output of running 'unhide(-linux26?)' and list host details like if it's using virtualization (VPS?). Regards, unSpawn --- ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
