Do I have an infected init file?

看板FB_security作者時間20年前 (2005/05/13 00:38), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/4 (看更多)
--0-911594080-1115915886=:97759 Content-Type: text/plain; charset=us-ascii Hello; I'm running a FreeBSD 4.10-release-p2 box and both chkrootkit 0.44 & 0.45 report that my /sbin/init file is infected. It appears as though the egrep for "UPX" in the output of "strings" triggers the infected notice. When I copy the init file from an uninfected box to this one chkrootkit continues to report it as infected. Is chkrootkit reading a copy of the /sbin/init file stored in active memory? If my machine is compromised, which rootkit is installed / how can I find out which rootkit is installed? As a side note, neither Kaspersky AV nor rkhunter report any infections. Attached is some of the debug output. Thanks in advance to any respondents. Sincerely; David Hutchens III --------------------------------- Discover Yahoo! Find restaurants, movies, travel & more fun for the weekend. Check it out! --0-911594080-1115915886=:97759 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" --0-911594080-1115915886=:97759--
更多 dhutch9999. 的文章
文章代碼(AID): #12WuQU00 (FB_security)
更多 dhutch9999. 的文章
文章代碼(AID): #12WuQU00 (FB_security)