Duane Loftus wrote:
>
> YEA! Ta Da ! WooHoo!
>
> The re-install worked! I have done --propupd and --update and run the
> first scan after making some mods in the rkhunter.conf file.
Congratulations!
> {Thank you all so very much.}
>
> I am pretty sure I have a trojan or resident spoofer in there,
Why?
> especially on one of the domains that has bandwidth / traffic going thru
> the roof. It will take some time and effort to learn the logs and what
> I can do about them. I'll work at it.
>
> Here is a section of my rkhunter.log. What should I be doing about the
> "warning" items?
[...]
I didn't see anything particularly scary in there, unless you don't
intend to run those services, in which case I'd wonder how they got
enabled, and shut them down.
You might try tcpdump to get a handle on what kind of traffic
you are passing.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
------------------------------------------------------------------------------
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
