ik wrote:
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=222179.Hello,
I'm using debian as my desktop system. Recently i installed the program "chkrootkit". This program scans the system and give you output regarding it's findings.
Sometimes i have 2-8 hidden proccess that does not seen in "ps". So the program tells me i might have some backdor known as LVM.
In general - chkrootkit is not updated to handle the threading model of kernel 2.6 so
this check is not reliable. (you do use 2.6 do you?)
Now, i know that some programs will use hidden proccess for short time, so iReally?? I wasn't aware that hidden processes are possible in "standard" linux API's.
do not warry that i really have this LVM, because when i'm on console mode, i do not have any type of report for hidden, but sometiems i have it when i'm in xfree.Um. There are many documents about enhancing linux security, you don't necessarily have to follow only
And now for the question :) I have firewall (amm iptables that sets by shorewall), i have my own user.. and two other users as well. How can i increase my security in a way that i could be relax from warry about backdoors like rootkits ?
Please note i read the officail debian document about security ... but it does not seems to help me to solve this type of problem..
the official one. Google around.
I think that SELinux (there is a debian package for this, at least in "unstable", see http://www.nsa.gov/selinux/index.cfm)
is a pretty mature one but it should be handled with care or you might find yourself easely "locked out" of many
functions on the system. In short what it does is to provide "strong, flexible mandatory access control architecture
incorporated into the major subsystems of the kernel".
Thank you for all answer
Ido
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
