Rkhunter found rootkits

Non-LTS (non-Marathon) related topics
Ответить
Dharman
Сообщения: 71
Зарегистрирован: 11 июн 2013, 11:59
Operating system: Rosa desktop.Fresh r10 KDE, Plasma, x64

Rkhunter found rootkits

Сообщение Dharman » 18 авг 2013, 15:23

See this film, on full screen option to see how rkhunter found two rootkits on ROSA Fresh R1. I use MIB repo too and newest kernel from abf...
Chromium-browser and google-chrome, gimp, stellarium, vlc, opera, and more aplications but from official repo.

http://www.youtube.com/watch?v=pW5_0Ow5Exc

How to delete Gasrootkits (I saw it in Mandriva 2011 too)...

And have you unknown rootkits too?

This film is seen only from this link not publically, so someone may give some advice and help to identify what is this....

Аватара пользователя
VictorR2007
Сообщения: 6224
Зарегистрирован: 12 сен 2011, 13:00
Operating system: ROSA 2016.1
Откуда: Северодвинск

Re: Rkhunter found rootkits

Сообщение VictorR2007 » 18 авг 2013, 16:01

chkrootkit?

Аватара пользователя
akdengi
Сообщения: 1381
Зарегистрирован: 12 сен 2011, 13:44

Re: Rkhunter found rootkits

Сообщение akdengi » 18 авг 2013, 16:26

STOP PANIC!!!
Every year users was find 'rootkits', but simple google about say that is not real...

PastorDi
Сообщения: 2679
Зарегистрирован: 25 авг 2011, 12:34
Operating system: IBM DOS, OS/2
Откуда: Санкт-Петербург
Контактная информация:

Re: Rkhunter found rootkits

Сообщение PastorDi » 18 авг 2013, 16:30

Dharman писал(а):See this film, on full screen option to see how rkhunter found two rootkits on ROSA Fresh R1. I use MIB repo too and newest kernel from abf...
Chromium-browser and google-chrome, gimp, stellarium, vlc, opera, and more aplications but from official repo.

http://www.youtube.com/watch?v=pW5_0Ow5Exc

How to delete Gasrootkits (I saw it in Mandriva 2011 too)...

And have you unknown rootkits too?

This film is seen only from this link not publically, so someone may give some advice and help to identify what is this....

Please read there http://forum.mandriva.com/en/viewtopic.php?t=136796

Dharman
Сообщения: 71
Зарегистрирован: 11 июн 2013, 11:59
Operating system: Rosa desktop.Fresh r10 KDE, Plasma, x64

Re: Rkhunter found rootkits

Сообщение Dharman » 24 авг 2013, 16:19

VictorR2007 - Chkrootkit found nothing problem, not infected!

It is not so much clear for me which is better chkrootkit or rkhunter? ;-)

In my country is many crackers who may try! ;-)

Eventually bugs from MDV need to be eliminated... , surly :evil:

Typical evil-bug seems on rkhunter like this from log file: /var/log/rkhunter.log

Example of about 50 warrnings are like this:

/sbin/ifdown [Warning] The file properties have changed
Current Inode: 131177 Stored Inode: 131044

I am interested what is on matter and why gives such warrning efect...

Gaskit Rootkit Warrning:

Directory ' dev/dev' found

Starting test name 'running_procs'
Cheking running processes for suspicious files [Warrning]
The following processes are using suspicious files:

Command: crond
UID: 0 PID: 1973
Pathname: /etc/crondtab
Possible Rootkit: Unknown Rootkit

That is all... 8)

Ответить