Re: Output from chkrootkit
From: Peter Chant (pete_at_petezilla.co.uk)
Date: 06/10/05
- Next message: Peter Chant: "Re: Output from chkrootkit"
- Previous message: Mailman: "Re: Output from chkrootkit"
- In reply to: Ransom: "Re: Output from chkrootkit"
- Next in thread: Cameron L. Spitzer: "Re: Output from chkrootkit"
- Reply: Cameron L. Spitzer: "Re: Output from chkrootkit"
- Reply: lorenzodes: "Re: Output from chkrootkit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 10 Jun 2005 18:11:37 +0100
Ransom wrote:
>> /usr/lib/php/.registry /usr/lib/qt-3.3.3/examples/toplevel/.ui
>> /usr/lib/qt-3.3.3/examples/helpdemo/.ui INFECTED (PORTS: 600)
>
> Chkrootkit found something suspicious
> in /usr/lib/qt-3.3.3/examples/helpdemo/.ui accessing port 600
> which is strange because this should be an empty directory.
>
Hmm
root@phoenix:/usr/lib/qt-3.3.3/examples/helpdemo# ls -al
total 42
drwxr-xr-x 4 root root 304 2004-10-14 04:19 ./
drwxr-xr-x 78 root root 2104 2004-10-14 04:19 ../
drwxr-xr-x 2 root root 48 2004-10-14 04:09 .ui/
-rw-r--r-- 1 root root 4789 2004-10-14 04:09 Makefile
-rw-r--r-- 1 root root 38 2003-04-07 10:40 about.txt
drwxr-xr-x 2 root root 200 2004-08-05 16:12 doc/
-rw-r--r-- 1 root root 3110 2003-07-17 13:20 helpdemo.cpp
-rw-r--r-- 1 root root 757 2003-07-17 13:20 helpdemo.h
-rw-r--r-- 1 root root 234 2003-11-27 10:06 helpdemo.pro
-rw-r--r-- 1 root root 8948 2003-07-14 09:09 helpdemobase.ui
-rw-r--r-- 1 root root 250 2003-04-07 10:40 main.cpp
Directory .ui is listed as empty.
-- http://www.petezilla.co.uk
- Next message: Peter Chant: "Re: Output from chkrootkit"
- Previous message: Mailman: "Re: Output from chkrootkit"
- In reply to: Ransom: "Re: Output from chkrootkit"
- Next in thread: Cameron L. Spitzer: "Re: Output from chkrootkit"
- Reply: Cameron L. Spitzer: "Re: Output from chkrootkit"
- Reply: lorenzodes: "Re: Output from chkrootkit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
