Hello, it now it was a couple of days ago but I've to concern another time to in this case a compromised woody system.
chkrootkit found nothing but rkhunter found quite a lot: /bin/login /bin/su /usr/bin/locate /usr/sbin/useradd /usr/sbin/usermod /usr/sbin/vip All these binaries have been alerted within rkhunter. I got a message like this [ and there was indeed an debian update of passwd(login) but to get sure I need reilly competent advices]: Rootkit Hunter found some bad or unknown hashes. This can be happen due replaced binaries or updated packages (which give other hashes). Be sure your hashes are fully updated (rkhunter --update). If you're in doubt about these hashes, contact the author ... And another alert was this: Checking /dev for suspicious files... [ Warning! (unusual files found) ] What's up now I would expect someone has replaced my /bin/login binary which makes me feel unhappy or is there nothing to worry about ? - ProFTPd 1.2.5rc1 [Vulnerable ] - OpenSSH 3.4p1 [Vulnerable ] - GnuPG 1.0.6 [Vulnerable ] Ok, this could be solved by compiling from sources and indeed I've to do it. At last there was this error messages: Incorrect MD5 checksums: 6 Would this solve my problem and I've to update the hash within mkhunter as describe avove ? -- Best Regards, Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]