Date: Wed, 28 Nov 2007 11:45:28 +0000 (GMT) From: Robert Watson <rwatson@FreeBSD.org> To: JP <johnpollock@bellsouth.net> Cc: freebsd-security@freebsd.org Subject: Re: chkrootkit V. 0.47 Message-ID: <20071128114355.D80898@fledge.watson.org> In-Reply-To: <200711200941.52719.johnpollock@bellsouth.net> References: <200711200941.52719.johnpollock@bellsouth.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 20 Nov 2007, JP wrote: > --and-- > Checking `lkm'... You have 131 process hidden for readdir command > chkproc: Warning: Possible LKM Trojan installed I wonder if it's trying to use procfs, which isn't mounted by default in FreeBSD, and as a result reporting that /proc is empty (which is expected). You could try mounting procfs and see if the message goes away, which would answer the question -- however, we don't generaly advise mounting procfs unless it is required, as it is a deprecated feature. Robert N M Watson Computer Laboratory University of Cambridge
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071128114355.D80898>