Chkroot reports LKM troyan, false postive?
Date: Mon, 22 Dec 2003 14:04:36 +0000 (UTC)
I run chkrootkit yesterday (22.12.2003) and got all negatives except
for a complaint about:
"possible lkm troyan"
"4 processes hidden from ps"
This sound very strange as I just updated to 2.4.23 kernel three days
ago and all the modules are new.
My box does not contain any Windoze, except apps which I can run with
I do not run any server and use firestarter / iptables as firewall.
So I need the following info to get sure:
1) How can I see processes hidden to PS?
2) Would it be possible for a troyan to place a new module for a newly
build kernel (vanilla)?
3) What should I search for and how?
4) Somebody knows about a bug in chkrootkit which could cause this?
Happy Xmas ;)
- Re: Sound gone after yum -y update
... Fired up aumix, ... Strange, with kmix it did not seems to work. ... Other strange thing is the sounds worked if i booted with previous kernel, ... playing quake3 without sound is kinky experience :-) ...
- input method on fc3?
... FC3 and soundcard ... >> without problems and sound works fine. ... What modules were loaded with kernel ... I can install and configure samba on Linux as easily as I can install ...
- Sound userspace drivers (fishing for insight)
... about userspace sound drivers for Linux and was like O_o so now I'm ... Write sound; context switch; sound ... syscall into kernel space. ... First off how the heck complex is userspace PCI control, ...
- 4.6.2 to 4.9 and sound
... I used to have sound working perfectly with 4.6.2 and an old SBLive. ... Is there a way I can force the kernel to not recognise the AC97? ... pci0: <PCI bus> on pcib0 ...
- Re: Question about linux sound...
... I either have to close any other apps which may use sound, ... I have an AC'97 sound card and use 2.4.27-2-386 kernel on debian. ... ALSA does have OSS emulation, ...