On Fri, 2008-02-22 at 10:20 +0800, Uwe Dippel wrote: > This is what I get at running rkhunter --check: > > ... > [10:05:34] Checking for local startup files [ Found ] > [10:05:34] Checking local startup files for malware [ None found ] > [10:06:19] Checking system startup files for malware [ Warning ] > [10:06:19] Warning: Found string 'sshdd' in file '/etc/pwd.db'. Possible > rootkit > : Possible GasKit rootkit > THE FAQ contains some info on dealing with found problems. Depending on how paranoid you want to be the first thing I would say is either to remove the system from the network to prevent further problems, and/or find out what the 'sshdd' account is doing on your system (i.e. is it valid or not).
John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914 E-mail: [EMAIL PROTECTED] Fax: +44 (0)1752 233839 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
