On Sat, 20 Dec 2008 09:43:30 +0000 "James Youngman" <j...@gnu.org> wrote:
> On Fri, Dec 19, 2008 at 11:25 AM, oneman <li...@onemanifest.net> wrote: > > Hi All, > > > > > > chkrootkit is complaining about processes hidden from ps and readdir. So I'd > > like to run debsums on them to test the integrity of ps and readdir. > > However, 'debsums ps' doesn't work. Wich package name should I use to check > > the integrity of these two? > > readdir is a function in the C library. If it is being fooled, the > problem is either in the C library (which busybox will almost > certainly also use) or in the kernel (which everything uses). Regular busybox uses libc6, but busybox-static is a statically linked version which doesn't. Of course, your point about the kernel is still valid. > Probably the best option is to boot from a known-good CD or DVD and > run your diagnostic tools from that. Agreed. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
