Date: Sun, 13 Apr 2003 18:07:46 +0400 From: "Nickolay A. Kritsky" <nkritsky@internethelp.ru> To: Alexandru Balan <Alexandru.Balan@iNES.RO> Cc: freebsd-security@freebsd.org Subject: Re: chfn, chsh, ls, ps - INFECTED Message-ID: <11418603780.20030413180746@internethelp.ru> In-Reply-To: <1050241980.32076.26.camel@BSD.iNES.RO> References: <1050241980.32076.26.camel@BSD.iNES.RO>
index | next in thread | previous in thread | raw e-mail
Hello Alexandru, Sunday, April 13, 2003, 5:53:00 PM, you wrote: AB> My machine got hacked a few days ago through the samba bug. I AB> reinstalled everything cvsuped src-all, and ran chkrootkit. No more LKM AB> but still... AB> Can anyone please advise ? AB> bash-2.05b# chkrootkit | grep INFECTED AB> Checking `chfn'... INFECTED AB> Checking `chsh'... INFECTED AB> Checking `date'... INFECTED AB> Checking `ls'... INFECTED AB> Checking `ps'... INFECTED This was mentioned on this list before. Is your system 5.x ? ;------------------------------------------- ; NKritsky ; mailto:nkritsky@internethelp.ruhelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11418603780.20030413180746>