
Rkhunter found rootkits

Posted: 18 Aug 2013, 15:23
Dharman
See this film, in full-screen mode, to see how rkhunter found two rootkits on ROSA Fresh R1. I use the MIB repo too and the newest kernel from abf...
Chromium-browser and google-chrome, gimp, stellarium, vlc, opera, and more applications, but from the official repo.

http://www.youtube.com/watch?v=pW5_0Ow5Exc

How to delete Gasrootkits (I saw it in Mandriva 2011 too)...

And do you have unknown rootkits too?

This film can be seen only via this link, not publicly, so someone may give some advice and help to identify what this is....

Re: Rkhunter found rootkits

Posted: 18 Aug 2013, 16:01
VictorR2007
chkrootkit?

Re: Rkhunter found rootkits

Posted: 18 Aug 2013, 16:26
akdengi
STOP PANIC!!!
Every year users find 'rootkits', but a simple Google search about them says that they are not real...

Re: Rkhunter found rootkits

Posted: 18 Aug 2013, 16:30
PastorDi
Dharman wrote: See this film, in full-screen mode, to see how rkhunter found two rootkits on ROSA Fresh R1. I use the MIB repo too and the newest kernel from abf...
Chromium-browser and google-chrome, gimp, stellarium, vlc, opera, and more applications, but from the official repo.

http://www.youtube.com/watch?v=pW5_0Ow5Exc

How to delete Gasrootkits (I saw it in Mandriva 2011 too)...

And do you have unknown rootkits too?

This film can be seen only via this link, not publicly, so someone may give some advice and help to identify what this is....

Please read here: http://forum.mandriva.com/en/viewtopic.php?t=136796

Re: Rkhunter found rootkits

Posted: 24 Aug 2013, 16:19
Dharman
VictorR2007 - Chkrootkit found no problems, not infected!

It is not so clear to me which is better, chkrootkit or rkhunter? ;-)

In my country there are many crackers who may try! ;-)

Eventually bugs from MDV need to be eliminated..., surely :evil:

A typical evil bug in rkhunter looks like this, from the log file: /var/log/rkhunter.log

An example of the about 50 warnings, which are like this:

/sbin/ifdown [Warning] The file properties have changed
Current Inode: 131177 Stored Inode: 131044

I am interested in what is the matter and why it gives such a warning effect...

Gaskit Rootkit Warning:

Directory ' dev/dev' found

Starting test name 'running_procs'
Checking running processes for suspicious files [Warning]
The following processes are using suspicious files:

Command: crond
UID: 0 PID: 1973
Pathname: /etc/crondtab
Possible Rootkit: Unknown Rootkit

That is all... 8)