On 9/26/10 8:17 AM, JD wrote:
>
> On 09/26/2010 05:49 AM, James McKenzie wrote:
>> On 9/25/10 11:05 PM, Ed Greshko wrote:
>>> On 09/26/2010 01:52 PM, JD wrote:
On 09/25/2010 10:42 PM, Ed Greshko wrote:
> On 09/26/2010 12:54 PM, JD wrote:
>> Well,if my machine was rooted,
On 09/26/2010 05:49 AM, James McKenzie wrote:
>On 9/25/10 11:05 PM, Ed Greshko wrote:
>>On 09/26/2010 01:52 PM, JD wrote:
>>> On 09/25/2010 10:42 PM, Ed Greshko wrote:
On 09/26/2010 12:54 PM, JD wrote:
> Well,if my machine was rooted, and I have a firewall that
> drops AL
JB gmail.com> writes:
> ...
> > Ran chkrootkit and it hit on netstat as Infected (imagine that). It
> > also reported a possible LKM Trojan intrusion. I then ran rkhunter and
> > it threw warnings on the following files:
> > /bin/netstat
> > /bin/ps
> > /usr/bin/top
> > /usr/bin/lsof
> >
>
On 9/25/10 11:05 PM, Ed Greshko wrote:
> On 09/26/2010 01:52 PM, JD wrote:
>> On 09/25/2010 10:42 PM, Ed Greshko wrote:
>>>On 09/26/2010 12:54 PM, JD wrote:
Well,if my machine was rooted, and I have a firewall that
drops ALL incoming requests, then how was it rooted if not
th
Mike Dwiggins azdwiggins.com> writes:
>
> JB,
>
> I figured you or someone else might like to know this. I killed the dhc
> process and cleaned up the .conf files did a restart on Network Manage
> and everything worked!
>
> Ran chkrootkit and it hit on netstat as Infected (imagine that).
On 09/26/2010 01:52 PM, JD wrote:
>
> On 09/25/2010 10:42 PM, Ed Greshko wrote:
>> On 09/26/2010 12:54 PM, JD wrote:
>>> Well,if my machine was rooted, and I have a firewall that
>>> drops ALL incoming requests, then how was it rooted if not
>>> through some package or through the kernel itself
On 09/25/2010 10:42 PM, Ed Greshko wrote:
> On 09/26/2010 12:54 PM, JD wrote:
>> Well,if my machine was rooted, and I have a firewall that
>> drops ALL incoming requests, then how was it rooted if not
>> through some package or through the kernel itself?
> I would suggest folks take a step bac
On 09/26/2010 12:54 PM, JD wrote:
> Well,if my machine was rooted, and I have a firewall that
> drops ALL incoming requests, then how was it rooted if not
> through some package or through the kernel itself?
I would suggest folks take a step back and do some research on "lkm
false positive" befo
On 09/25/2010 08:38 PM, James McKenzie wrote:
>On 9/25/10 8:34 PM, Mike Dwiggins wrote:
>> On 9/25/2010 8:28 PM, JD wrote:
>>> On 09/25/2010 07:14 PM, Mike Dwiggins wrote:
JB,
I figured you or someone else might like to know this. I killed the dhc
process and cl
On 9/25/10 8:34 PM, Mike Dwiggins wrote:
>On 9/25/2010 8:28 PM, JD wrote:
>> On 09/25/2010 07:14 PM, Mike Dwiggins wrote:
>>> JB,
>>>
>>> I figured you or someone else might like to know this. I killed the dhc
>>> process and cleaned up the .conf files did a restart on Network Manage
>>
On 9/25/2010 8:28 PM, JD wrote:
>
> On 09/25/2010 07:14 PM, Mike Dwiggins wrote:
>> JB,
>>
>> I figured you or someone else might like to know this. I killed the dhc
>> process and cleaned up the .conf files did a restart on Network Manage
>> and everything worked!
>>
>> Ran chkrootkit and i
On 09/25/2010 07:14 PM, Mike Dwiggins wrote:
>JB,
>
> I figured you or someone else might like to know this. I killed the dhc
> process and cleaned up the .conf files did a restart on Network Manage
> and everything worked!
>
> Ran chkrootkit and it hit on netstat as Infected (imagine that).
12 matches
Mail list logo
