been Hacked !

Michael Schwendt fedora at wir-sind-cool.org
Sat Oct 9 14:21:29 UTC 2004


On Sat, 9 Oct 2004 14:06:28 +0200 (CEST), hicham wrote:

> Hello
> I've run chkrootkit
> and here's what I've got:
> "ROOTDIR is `/'

> Checking `sshd'... /usr/bin/strings: Warning: '/' is
> not an ordinary file
> not infected

Get the chkrootkit from fedora.us, which fixes the above bug.

> Searching for LOC rootkit...
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/xml/en/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/xml/fr/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/xml/de/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/xml/es/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/xml/zh/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/lib/templates/en/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/lib/templates/fr/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/lib/templates/de/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/lib/templates/es/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/webmail/lib/templates/zh/xp
> /tmp/hipergate/hipergate-2.0.12-en/web-en/skins/xp
> epic "
> 
> What's that LOC rootkit? How do I get rid of it?

The LOC rootkit check is very basic and can lead to false positives as
it searches for files named "xp" below /tmp.  You extracted something
into /tmp/hipergate which contains such files, most likely regular
file names for that package.  Delete the temporary directory, and
chkrootkit won't complain anymore. Double-check what files are
contained within the hipergate-2.0.12-en distribution.

-- 
Fedora Core release 2.91 (FC3 Test 2) - Linux 2.6.8-1.598
loadavg: 1.03 1.39 1.44
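
One way to carry out the double-check suggested in the reply above, as an added example (not part of the original message and not chkrootkit's own code): list every entry named "xp" under the scanned directory and mark whether the unpacked package's archive listing accounts for it. The function name, its arguments, the output labels and the manifest format (one relative path per line, as `tar -tf` prints) are assumptions made for this sketch.

```sh
#!/bin/sh
# Triage entries named "xp" under a scan root against a package manifest.
# Usage: triage_xp_hits SCAN_ROOT PKG_DIR MANIFEST
#   SCAN_ROOT  directory that was scanned (e.g. /tmp)
#   PKG_DIR    directory the archive was unpacked into
#   MANIFEST   archive listing, one path per line relative to PKG_DIR
# Prints one tab-separated line per hit: origin, kind, path.
triage_xp_hits() {
    scan_root=$1
    pkg_dir=$2
    manifest=$3
    find "$scan_root" -name xp 2>/dev/null | sort | while IFS= read -r hit; do
        # What kind of filesystem object is it? An executable regular
        # file deserves a closer look than a directory or a data file.
        if [ -L "$hit" ]; then kind=symlink
        elif [ -d "$hit" ]; then kind=dir
        elif [ -f "$hit" ] && [ -x "$hit" ]; then kind=exec-file
        elif [ -f "$hit" ]; then kind=file
        else kind=other
        fi
        # Is the path explained by the package listing?
        case $hit in
            "$pkg_dir"/*)
                rel=${hit#"$pkg_dir"/}
                # Archive listings usually show directories with a
                # trailing slash, so accept both spellings.
                if grep -qxF -e "$rel" -e "$rel/" "$manifest"; then
                    origin=in-manifest
                else
                    origin=NOT-in-manifest
                fi ;;
            *) origin=outside-package ;;
        esac
        printf '%s\t%s\t%s\n' "$origin" "$kind" "$hit"
    done
}

# Run directly when called with the three arguments.
if [ $# -eq 3 ]; then
    triage_xp_hits "$@"
fi
```

Hits reported as `NOT-in-manifest` or `outside-package` are the ones the package contents do not explain and that need a manual look before the temporary directory is deleted.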