From owner-freebsd-questions@FreeBSD.ORG Mon Jul 7 06:06:07 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 31BAF37B404 for ; Mon, 7 Jul 2003 06:06:07 -0700 (PDT) Received: from web1.nexusinternetsolutions.net (web1.nexusinternetsolutions.net [206.47.131.12]) by mx1.FreeBSD.org (Postfix) with SMTP id 5838843FAF for ; Mon, 7 Jul 2003 06:06:06 -0700 (PDT) (envelope-from dave@hawk-systems.com) Received: (qmail 48384 invoked from network); 7 Jul 2003 13:06:05 -0000 Received: from unknown (HELO ws1) (24.157.103.51) by web1.nexusinternetsolutions.net with SMTP; 7 Jul 2003 13:06:05 -0000 From: "Dave [Hawk-Systems]" To: =?iso-8859-1?Q?Michael_B=FCttner?= , Date: Mon, 7 Jul 2003 09:06:04 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Subject: RE: (* chtoorkit) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2003 13:06:07 -0000 >I found the following a day on our Mailserver (* chtoorkit) What means that? /usr/ports/security/chkrootkit does a batch of scans and comparisons to see if a root kit has been installed on your system. If you are using it, just a warning, that if you have a busy web server, you may get false lkm positives from time to time regarding hidden processes. Dave