Quoting Grant <[EMAIL PROTECTED]>:
also look for strange kernel modules
How can I do that?
One way is to test what's in your /lib/modules with what's in your
kernel source:
[cmds]
(cd /lib/modules/$( uname -r )/build/; find -type f -name '*.ko')|sort
> /tmp/t1
(cd /lib/modules/$( uname -r )/kernel/; find . -type f -name '*.ko';
cd .. ;find misc video -type f -name '*.ko') | sort > /tmp/t2
diff -u /tmp/t1 /tmp/t2 > /tmp/t3
$EDITOR /tmp/t3
[end cmds]
Anything that shows up with a + is extra that's not in your kernel
directory. You could then do this on those files:
[WHERE $FILE = {a single file with a + in front of it, but without the +}]
equery belongs /lib/modules/$( uname -r )/$FILE
if a package installed a module, it should show up with equery belongs.
Any other advice? I believe all ports to the internet have always
been closed.
if you find out that your machine was crashing due to hardware
failure, then more than likely that's all it was.
--
[EMAIL PROTECTED] mailing list
