William Case billlinux at
Sun Dec 11 15:25:31 UTC 2005

On Sun, 2005-12-11 at 00:44 -0500, Scot L. Harris wrote:
> On Sun, 2005-12-11 at 00:31, Gene Heskett wrote:
> > A friend of mine just reported he has been rooted, and his machine was 
> > spewing spam in the name of the colonial bank.
> > FWIW, chkrootkit didn't find it!
> > 
> Did you try rkhunter?  Would be interesting to know if it could see it.
> > Whats the general removal procedure for this, and better yet, how did 
> > they get in?
> Once a system has been rooted the only action to take is to rebuild the
> system from scratch, format the drives and install clean.  Be very
> careful of anything backed up on the system since the root kit was
> installed.

I think I know in a general kind of way.  But, what is a rootkit?

Regards Bill

More information about the users mailing list