rootkit

I did run Rkhunter and I got: /usr/local/sbin/pkg Warning Suspect files: 1 pkg version is 2.6.2 and I dod no a problem with it. Than run chkrootkit and I got: Syslogk LKM rootkit... INFECTED: Possible Malicious Syslogk LKM rootkit installed Checking `sniffer'... re0 is not promisc re1 is...

Hi all, strangest issue... # pkg update ... all good # pkg upgrade ... no updates # rkhunter --propupd [ Rootkit Hunter version 1.4.6 ] File updated: searched for 173 files, found 123 # rkhunter -c [ Rootkit Hunter version 1.4.6 ] ... /usr/local/sbin/pkg...

I ran the following # rkhunter -c everything is ok but one warning that I don't think is important but don't understand why I get it. ? [20:28:42] /usr/local/sbin/pkgdb [ Warning ] [20:28:42] Warning: The command '/usr/local/sbin/pkgdb' has been replaced by a script...

Hello, I am a total beginner with freeBSD. So far, I'm reading a book called: Designing BSD rootkit by Joseph Kong. As I mentioned, I barely know what I am doing, but I'm doing it and kind of manage to understand a little. However, I am currently stuck on an error when I load the module in the...

I installed security/rkhunter with security/nmap support, and it kept showing TCP ports 1524, 6667, and 31337 as possible ports where a rootkit could have interacted. Running sockstat showed security/portsentry interacting with those ports on a freshly installed system. No known rootkits were...

Hi people, recently I downloaded rkhunter in FreeBSD, I run the command rkhunter -c --sk --logfile /root/rkhunter20080414.txt and get some warnings. I can't upload the .txt maybe you can me help with understanding this warning. I put the warning here: [18:34:46] /usr/local/sbin/pkgdb [...

Servers are FreeBSD 9.0 and and 9.1 with rkhunter installed. Rkhunter is throwing up a warning: [04:01:22] Info: Starting test name 'os_specific' [04:01:22] Performing FreeBSD specific checks [04:01:22] Checking sockstat and netstat commands [ Warning ] [04:01:22] Warning...

Hi all, I`ve updated rkhunter yesterday the new port deleted my old configuration and now I`m getting some strange reports: FreeBSD wolfdale 8.1-RELEASE-p1 FreeBSD 8.1-RELEASE-p1 #0: Sun Oct 10 15:57:09 EEST 2010 Rootkit Hunter 1.3.8 Warning: Differences found between sockstat and netstat...

Hi! My system: new installed FreeBSD 7.1, KDE 3.5.10 I ran chkrootkit and I got: ... Checking `sshd'... /usr/bin/strings: Warning: '/' is not an ordinary file ... ... Searching for t0rn's default files and dirs... nothing found Searching for t0rn's v8 defaults... Possible t0rn v8...