Re: Rootkit detection

2006-01-16 Thread Graham North
Hi Spyridon: Thank you for your replies. I was able to install the chkrootkit port and it seems to show the system as clean. To all other replies, thank you for your help also. Cheers, Graham/ SPYRIDON PAPADOPOULOS wrote: Hi again, Well, check this: the message in my

Re: Rootkit detection

2006-01-15 Thread SPYRIDON PAPADOPOULOS
Hi there, Graham North wrote: -Original Message- From: Graham North [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Date: Sun, 15 Jan 2006 12:23:08 -0800 Subject: Rootkit detection I would like to determine if my server has had rootkit installed by a hacker. FBSD 4.11. Main

Re: Rootkit detection

2006-01-15 Thread SPYRIDON PAPADOPOULOS
Hi again, Well, check this: the message in my /var/log/messages is: kernel: arp: 192.168.2.34 moved from 00:13:8f:4c:1b:41 to 00:11:2f:0c:b1:0a on rl0 So Hmm, now that I am thinking of it again: server /kernel: arp 00:11:43:4a:8d:18 is using my IP address 192.168.0.102 This also looks

Re: Rootkit detection

2006-01-15 Thread chris
Some NSPs, which are network service providers, use private IPs and will tend to give you those types of ARP msgs if you are part of the network. I would say if nothing seems different, either format and reinstall the damn thing or fix it. As to what I see, you don't have a rootkit, as rootkits don't