Incoming from Gregory Pierce: > > In running chkrootkit (version 0.43) tonight I got the following > warning: > > Checking `lkm'... You have 16 process hidden for readdir command > You have 16 process hidden for ps command > Warning: Possible LKM Trojan installed > > But when I run chkrootkit from KDE it comes up clean. Can I really be > compromised and chkrootkit detect a trojan from within gnome but not > when I am running from KDE? > > I am not at all sure what to do from here. Should I just start from > scratch and re-install everything?
I think all chkrootkit installs should be accompanied by a banner (which demands acknowledgement) which mentions what new users should do when chkrootkit tells them something appears to be fishy. - check the chkrootkit archives( http://marc.theaimsgroup.com/?l=chkrootkit-users) - send questions and queries to the chkrootkit mailing list ([EMAIL PROTECTED]). - Don't panic! -- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
