chkrootkit: possible trojan
Stuart
fedora at bluewise.co.za
Sat Sep 11 13:40:08 UTC 2004
Hi list
On FC2 kernel 2.6.8.1 chkrootkit-0.44 reports a possible trojan Adore.
Googling and paging through archives has led me to think that either it
is a false positive ( either hosted virtual server environment /
chkrootkit-0.44 reporting falsely), or if it is a true positive, the
only way to kill it is to nuke the OS.
I haven't been able to lsmod, init 6, etc... which leads me to think
that it's a true positive.
I would appreciate any advice, there is not much literature out there on
the subject.
TIA Stu@
More information about the users
mailing list