chkrootkit output
Stuart Lowe
stuart at teksavvy.com
Tue May 31 17:01:12 UTC 2005
On Tue, May 31, 2005 at 12:44:30PM -0400, Matthew Miller wrote:
> On Tue, May 31, 2005 at 05:42:00PM +0100, Andy Green wrote:
> > | Checking `chkutmp'... The tty of the following user process(es) were
> > not found
> > | in /var/run/utmp !
> > | ! RUID PID TTY CMD
> > | ! root 4674 tty1 /sbin/mingetty tty1
> > Either we are both hacked the same way ;-) or it means chrootkit has
> > identified something that is a normal situation on our Fedora machines.
>
> Looks like chkutmp is new in version 0.45, and is being overly aggressive.
> This looks like a bug to me; I think it should be reported upstream at
> <http://www.chkrootkit.org/>.
Thanks for your comments guys. For what it's worth I sent in a comment to the authors at chkrootkit.org.
Cheers,
Stuart.
--
Stuart Lowe | Toronto, CAN | key ID on keyserver | Skype stuart.lowe
Fedora Core release 3 (Heidelberg) GNU/Linux kernel 2.6.11-1.27_FC3 on i686 nyarlathotep
12:59:07 up 41 min, 6 users, load average: 0.00, 0.03, 0.07
More information about the users
mailing list