Weird Network Manager Problem (Updated)
Mike Dwiggins
mike at azdwiggins.com
Sun Sep 26 02:14:38 UTC 2010
JB,
I figured you or someone else might like to know this. I killed the dhc
process and cleaned up the .conf files did a restart on Network Manage
and everything worked!
Ran chkrootkit and it hit on netstat as Infected (imagine that). It
also reported a possible LKM Trojan intrusion. I then ran rkhunter and
it threw warnings on the following files:
/bin/netstat
/bin/ps
/usr/bin/top
/usr/bin/lsof
It also reported undocumented password change and group file changes.
Password I could see with me going through Webmin to reset the root
password but, I was careful to change nothing else much less groups!
I rebooted and the problem was back just as before!
With that I threw up my hands and have WipeDrive going on the drives in
DoD mode!
Hope this might help someone!
Again thanks for the help!
More information about the users
mailing list