閱讀文章 - 看板 FB_security

發信人yann.luppo@attglobal.net ("RazorOnFreeBSD"),

看板FB_security

標題Re: Hacked or not ?

發信站NCTU CSIE FreeBSD Server (Fri May 21 20:16:11 2004)

轉信站ptt!FreeBSD.csie.NCTU!not-for-mail

yes.... if you have any recommandation on something else? I'm currently moving from chkrootkit 0.41 ot 0.43 maybe it will help! I'll send the response for next people with this problem.... 'cause I don't want to be anoying but after simple searches I didn't find accurate solution or right information for 4.x boxes! For sure I didn't type in the right words if this post pop up every week, but I'm a newbie and futur newbies will have the same problem and probably type the same key words.... and probably add another post on the same subject! Here I and they need a response to stop polluting the mailing list! Don't you think? PS: This was just sort of a notice, nothing aggressive or whatever else you would'nt like! I love everybody and everything on this planet even cows.... (can I except terrorist people? Those are shit!) Sorry for polluting. razor's trying chkrootkit 0.43. ----- Original Message ----- From: "Tom Rhodes" <trhodes@FreeBSD.org> To: "Matthew Seaman" <m.seaman@infracaninophile.co.uk> Cc: "RazorOnFreeBSD" <yann.luppo@attglobal.net>; <freebsd-security@FreeBSD.org> Sent: Friday, May 21, 2004 10:11 PM Subject: Re: Hacked or not ? > On Fri, 21 May 2004 21:02:54 +0100 > Matthew Seaman <m.seaman@infracaninophile.co.uk> wrote: > > > On Fri, May 21, 2004 at 03:52:45PM +0200, RazorOnFreeBSD wrote: > > > > > I have a 4.9-STABLE FreeBSD box apparently hacked! > > > Yesterday I ran chkrootkit-0.41 and I don't like some of the outputs. > > > Those are: > > > chfn ... INFECTED > > > chsh ... INFECTED > > > date ... INFECTED > > > ls ... INFECTED > > > ps ... INFECTED > > > > Sheesh. Not this *again*. This is a false alarm: chkrootkit is > > exceedingly sensitive to something about the way such programs work > > under FreeBSD and has to be continually futzed so that it knows not to > > complain on each successive version of FreeBSD. Comes up in this or > > other FreeBSD lists just about every week. > > > > Relax. You're not compromised. You just need better tools. > > > > I love the "just need better tools." without any recommendation > for him. > > -- > Tom Rhodes > _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"