You are not logged in.

Pages: 1

#1 2006-02-24 00:17:58

deft
Member
Registered: 2005-03-14
Posts: 79

chkrootkit

Does anyone else find this entry when running chkrootkit?: 

Searching for suspicious files and dirs, it may take a while...

/usr/lib/perl5/current/i686-linux-thread-multi/.packlist

Just checking to see whether it's typical or not.

Cheers.

Offline

#2 2006-02-24 00:37:32

paul2lv
Member
From: Vegas
Registered: 2005-11-09
Posts: 116

Re: chkrootkit

Yeah, I have it too. 

Searching for suspicious files and dirs, it may take a while...
/usr/lib/perl5/current/i686-linux-thread-multi/.packlist 
/usr/lib/perl5/site_perl/current/i686-linux-thread-multi/auto/XML/Parser/.packlist /usr/lib/perl5/site_perl/current/i686-linux-thread-multi/auto/DCOP/.packlist /usr/lib/perl5/site_perl/current/i686-linux-thread-multi/auto/Foomatic/.packlist

I hope it is normal. roll

Offline

#3 2006-02-24 00:43:10

deft
Member
Registered: 2005-03-14
Posts: 79

Re: chkrootkit

Thanks, glad it's not just me smile - do you also get a similar-ish readout at the endof the chkrootkit output: 

Checking `chkutmp'...  The tty of the following user process(es) were not found
 in /var/run/utmp !
! RUID          PID TTY    CMD
! root         3197 tty7   /usr/bin/X -br :0 vt7 -auth /var/run/xauth/x:x-xxxxxx
! tif          5488 pts/1  /bin/bash
! tif          5489 pts/1  su
! root         5490 pts/1  bash
! root         5491 pts/1  /bin/sh ./chkrootkit
! root         6567 pts/1  ./chkutmp
! root         6568 pts/1  ps ax -o tty,pid,ruser,args
chkutmp: nothing deleted

Offline

#4 2006-02-24 01:03:42

paul2lv
Member
From: Vegas
Registered: 2005-11-09
Posts: 116

Re: chkrootkit

Yeah, I also have something similar at the end.

Offline

Pages: 1

Board footer

Powered by FluxBB