Date: Wed, 28 Jan 2009 17:40:51 -0500 From: Eitan Adler <eitanadlerlist@gmail.com> To: Glen Barber <glen.j.barber@gmail.com> Cc: ajtiM <lumiwa@gmail.com>, freebsd-questions@freebsd.org Subject: Re: chkrootkit Message-ID: <4980DEF3.3010504@gmail.com> In-Reply-To: <4ad871310901281430t5fb4f3c7racfc2dc1e1a90350@mail.gmail.com> References: <200901281613.43066.lumiwa@gmail.com> <4ad871310901281430t5fb4f3c7racfc2dc1e1a90350@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Glen Barber wrote: > On Wed, Jan 28, 2009 at 5:13 PM, ajtiM <lumiwa@gmail.com> wrote: >> Hi! >> >> My system: new installed FreeBSD 7.1, KDE 3.5.10 >> >> I ran chkrootkit and I got: >> >> ... >> Checking `sshd'... /usr/bin/strings: Warning: '/' is not an ordinary file >> ... >> ... >> Searching for t0rn's default files and dirs... nothing found >> Searching for t0rn's v8 defaults... Possible t0rn v8 \(or variation\) rootkit >> installed... >> > > Have you properly updated chrootkit? If so, it appears you have a > rootkit on your system. How old is the installation? > > I think this post [1] might be relevant from the debian mailing list. [1] http://lists.debian.org/debian-user/2001/12/msg02253.html -- Eitan Adler "Security is increased by designing for the way humans actually behave." -Jakob Nielsen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4980DEF3.3010504>