chkrootkit reported possible LKM Trojan. 4 processes hidden for ps command.
Before reformating the hard drive and reinstalling Debian, started a dvd
backup using growisofs.
The backup of /usr was successful, backup of /var failed with duplicate
names in /rr_moved.
Obviously I would like to
On Sat, Nov 29, 2003 at 05:49:31AM -0500, Thomas H. George wrote:
chkrootkit reported possible LKM Trojan. 4 processes hidden for ps command.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=217278
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=219730
Before reformating the hard drive and
On Sat, Nov 29, 2003 at 05:49:31AM -0500, Thomas H. George wrote:
chkrootkit reported possible LKM Trojan. 4 processes hidden for ps command.
Do you have any other evidence of the LKM Trojan, beyond chkrootkit's
output?
I think you may just be looking at a bug that's not yet been worked
out.
On Sat, 29 Nov 2003 05:49:31 -0500, Thomas H. George wrote:
chkrootkit reported possible LKM Trojan. 4 processes hidden for ps command.
Before reformating the hard drive and reinstalling Debian, started a dvd
backup using growisofs.
The backup of /usr was successful, backup of /var failed
Hello Thomas!
On Sat, Nov 29, 2003 at 05:49:31AM -0500, Thomas H. George wrote:
chkrootkit reported possible LKM Trojan. 4 processes hidden for ps command.
Wow, hold on, first check
chkrootkit -x lkm
and see whether the report only contains PID 3-6. If so then it's only
a bug, see
Thomas H. George wrote:
chkrootkit reported possible LKM Trojan. 4 processes hidden for ps
command.
Bug in chrootkit. Check Debian Bugs. Has been discussed here before.
Before reformating the hard drive and reinstalling Debian, started a dvd
backup using growisofs.
The backup of /usr was
On Sat, Nov 29, 2003 at 05:49:31AM -0500, Thomas H. George wrote:
chkrootkit reported possible LKM Trojan. 4 processes hidden for ps command.
Are you aware to, for example, the section titled `Running chkrootkit'
of http://www.wiggy.net/debian/developer-securing?
I don't know the
On Sat, Nov 29, 2003 at 10:58:31AM -0500, Paul Morgan wrote:
On Sat, 29 Nov 2003 05:49:31 -0500, Thomas H. George wrote:
chkrootkit reported possible LKM Trojan. 4 processes hidden for ps command.
Before reformating the hard drive and reinstalling Debian, started a dvd
backup using
On Sat, Nov 29, 2003 at 09:39:30AM -0500, Thomas H. George wrote:
I still must learn about the /rr_moved directory which blocks my
In case it helps : rr_moved is the name used for a special directory on
iso9660 filesystems when using Rock Ridge extensions. IIRC it is needed
because standard
On Sat, 29 Nov 2003 21:10:14 +0100, Thomas H. George wrote:
I still must learn about the /rr_moved directory which blocks my
backups but this is a separate issue so I will post a separate question.
man mkisofs, look for rr_moved in various capitalizations.
--
Best Regards, | Hi! I'm a
10 matches
Mail list logo
