Security Basics mailing list archives
RE: Bug in chkrootkit ?
From: "Todd Mitchell - lists" <lists () ciphin com>
Date: Wed, 30 Jul 2003 12:16:03 -0400
| Hi, | | yes, it's a RH 7 Distribution and i think i solved the riddle. After | kill one of those processes our Marketing Director came in and was | crying about "no more internet" on his Windows Box. | | It seems that the Windows 2000 Pro Version "hook" a permanent | connection to the named. If kill, there are not able to create | a new one ;) So the poor User have no DNS and therefore no more | www. | | But why the 'ps' output dont show them? This has to do with the way Red Hat handles threaded processes. You can safely ignore the output from chkrootkit saying you're infected. Todd -- | | regards, | Michael --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Bug in chkrootkit ? Michael Weber (Jul 30)
- RE: Bug in chkrootkit ? Todd Mitchell - lists (Jul 30)
- Re: Bug in chkrootkit ? Michael Weber (Jul 30)
- RE: Bug in chkrootkit ? Todd Mitchell - lists (Jul 30)
- Re: Bug in chkrootkit ? Michael Weber (Jul 30)
- Re: Bug in chkrootkit ? Alex 'CAVE' Cernat (Jul 30)
- Re: Bug in chkrootkit ? Alex 'CAVE' Cernat (Jul 30)
- Re: Bug in chkrootkit ? Juraj Ziegler (Jul 31)
- Re: Bug in chkrootkit ? Douglas J Hunley (Jul 30)
- Re: Bug in chkrootkit ? shrek-m () gmx de (Jul 30)
- Re: Bug in chkrootkit ? entmoot (Jul 30)
- Re: Bug in chkrootkit ? Tony Meman (Jul 30)
- RE: Bug in chkrootkit ? Todd Mitchell - lists (Jul 30)