chkrootkit output

Stuart Lowe stuart at teksavvy.com
Tue May 31 17:01:12 UTC 2005


On Tue, May 31, 2005 at 12:44:30PM -0400, Matthew Miller wrote:
> On Tue, May 31, 2005 at 05:42:00PM +0100, Andy Green wrote:
> > | Checking `chkutmp'...  The tty of the following user process(es) were
> > not found
> > |  in /var/run/utmp !
> > | ! RUID          PID TTY    CMD
> > | ! root         4674 tty1   /sbin/mingetty tty1
> > Either we are both hacked the same way ;-) or it means chrootkit has
> > identified something that is a normal situation on our Fedora machines.
> 
> Looks like chkutmp is new in version 0.45, and is being overly aggressive.
> This looks like a bug to me; I think it should be reported upstream at
> <http://www.chkrootkit.org/>.

Thanks for your comments guys.  For what it's worth I sent in a comment to the authors at chkrootkit.org.

Cheers,

Stuart.
-- 
Stuart Lowe | Toronto, CAN | key ID on keyserver | Skype stuart.lowe
Fedora Core release 3 (Heidelberg) GNU/Linux kernel 2.6.11-1.27_FC3 on i686 nyarlathotep
 12:59:07 up 41 min,  6 users,  load average: 0.00, 0.03, 0.07




More information about the users mailing list