On Saturday 04 February 2006 12:50, BTP wrote: >I did as you mention by booting from a knoppix cd and try to check the > hard drive partitions with chkrootkit. Chkrootkit however did not run > in the same typical manner as it does when I invoke it from my Debian > console: it complained about not being able to do everything it's > supposed to, I can't remember the details. > >Also I gave a quick try to install some virus scanner from the Knoppix >software install menu, but I lost my interest into figuring all that > out and did not perform a virus scan. > >I did not find any specific instructions on google for dealing with >compromised systems using knoppix, other than what I tried to do. > >Does anyone have any links or specific hints regarding this?? > >Bart > chkrootkit is fussy about its $PATH's. I found that when I run it a crontab entry, the path cron uses must be appended to include where chkrootkit lives AND that I had to cd to that location else it couldn't find the rest of its pieces, and complained in the manner you're talking about.
>> I'd not run anything else from a hard drive I suspect is >> compromised. Reboot with a liveCD and examine it from >> there. >> >> Tony >> >> >> -- >> To UNSUBSCRIBE, email to [EMAIL PROTECTED] >> with a subject of "unsubscribe". Trouble? Contact >> [EMAIL PROTECTED] -- Cheers, Gene People having trouble with vz bouncing email to me should add the word 'online' between the 'verizon', and the dot which bypasses vz's stupid bounce rules. I do use spamassassin too. :-) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
