Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-13 Thread Sergey Spiridonov
Hi Richard On 03/13/2013 03:59 AM, Richard Hector wrote: This was the problem! Thank you very much. I installed prelink a looong time ago (> 3 years). Why did I get this problem suddenly right now, after so many years? - no idea. Probably some configuration file got overwritten during update. So

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-12 Thread Richard Hector
On 13/03/13 01:20, Sergey Spiridonov wrote: > Hi Sven > > On 03/12/2013 11:34 AM, Sven Joachim wrote: > >> FWIW, it is possible that the files had been subject to being treated >> with prelink(8); debsums will not report those files unless called with >> the "--no-prelink" option. > > This was t

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-12 Thread David Guntner
Verde Denim grabbed a keyboard and wrote: > On 03/11/2013 09:19 PM, David Guntner wrote: >> That's actually a fairly well-known false positive. >> >> If you want to silence that message, search your /etc/rkhunter.conf file >> for the part which has RTKT_FILE_WHITELIST= in it, and then whitelist >>

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-12 Thread Verde Denim
On 03/11/2013 09:19 PM, David Guntner wrote: > sp113438 grabbed a keyboard and wrote: >> After running on my amd64 squeeze: >> # rkhunter --update >> rkhunter -c >> >> rkhunter showed one warning: >> >> Warning: Checking for possible rootkit strings [ Warning ] >> [01:25:23] Found string 'hdparm' i

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-12 Thread Sergey Spiridonov
Hi Sven On 03/12/2013 11:34 AM, Sven Joachim wrote: FWIW, it is possible that the files had been subject to being treated with prelink(8); debsums will not report those files unless called with the "--no-prelink" option. This was the problem! Thank you very much. I installed prelink a looong t

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-12 Thread Sven Joachim
On 2013-03-12 10:36 +0100, Sergey Spiridonov wrote: > On 03/12/2013 01:23 AM, sp113438 wrote: > >> No solution, but how did you find out about the changed size? > > This is all happening on the remote machine of my friend. I do not > have direct access to hardware. > > First skype refused to start

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-12 Thread Sergey Spiridonov
Hi sp113438 On 03/12/2013 01:23 AM, sp113438 wrote: No solution, but how did you find out about the changed size? This is all happening on the remote machine of my friend. I do not have direct access to hardware. First skype refused to start complaining about modified binary. I reinstalle

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-11 Thread David Guntner
sp113438 grabbed a keyboard and wrote: > After running on my amd64 squeeze: > # rkhunter --update > rkhunter -c > > rkhunter showed one warning: > > Warning: Checking for possible rootkit strings[ Warning ] > [01:25:23] Found string 'hdparm' in file > '/etc/init.d/.depend.boot'. Pos

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-11 Thread Nate Bargmann
* On 2013 11 Mar 19:43 -0500, sp113438 wrote: > After running on my amd64 squeeze: > # rkhunter --update > rkhunter -c > > rkhunter showed one warning: > > Warning: Checking for possible rootkit strings[ Warning ] > [01:25:23] Found string 'hdparm' in file > '/etc/init.d/.depend.boo

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-11 Thread sp113438
On Tue, 12 Mar 2013 01:23:09 +0100 sp113438 wrote: > On Tue, 12 Mar 2013 00:19:27 +0100 > Sergey Spiridonov wrote: > > > Hi Debian > > > > Just detected several modified binaries on one of my Debian Squeeze > > 32 bit, > > like /usr/bin/passwd, /bin/dash, /sbin/hdparm, /usr/bin/skype etc. > >

Re: rootkit/virus/trojan on squeeze 32 bit

2013-03-11 Thread sp113438
On Tue, 12 Mar 2013 00:19:27 +0100 Sergey Spiridonov wrote: > Hi Debian > > Just detected several modified binaries on one of my Debian Squeeze > 32 bit, like /usr/bin/passwd, /bin/dash, /sbin/hdparm, /usr/bin/skype > etc. Modified files are bigger in size, but debsums does not complain > about

rootkit/virus/trojan on squeeze 32 bit

2013-03-11 Thread Sergey Spiridonov
Hi Debian Just detected several modified binaries on one of my Debian Squeeze 32 bit, like /usr/bin/passwd, /bin/dash, /sbin/hdparm, /usr/bin/skype etc. Modified files are bigger in size, but debsums does not complain about them. I tried clamscan and avast on these binaries on another host, the