On Fri, 26 Mar 2004 12:33:01 +0200 David Baron <[EMAIL PROTECTED]> wrote: > > Checking `lkm'... You have 1 process hidden for readdir command > You have 1 process hidden for ps command > Warning: Possible LKM Trojan installed > > Is this a true report? > What does this do? > How to get rid of it if true?
You may wish to read the documentation and/or search the web. Specifically, /usr/share/doc/chkrootkit/README.Debian , the chkrootkit open bug reports, what Wichart Akkerman wrote about this at http://www.wiggy.net/debian/developer-securing/ , and especially the archives of this mailing list. There, you can find links to info on when and why this can produce a false positive. -c -- Chris Metzler [EMAIL PROTECTED] (remove "snip-me." to email) "As a child I understood how to give; I have forgotten this grace since I have become civilized." - Chief Luther Standing Bear
pgp00000.pgp
Description: PGP signature
