Giles McGarry wrote: > Steve, I think you've hit the nail on the head, running clamscan (didn't know > it even existed until a few minutes ago) show the following: > > /bin/bash: Linux.RST.B FOUND > /bin/mv: Linux.RST.B FOUND > /bin/grep: Linux.RST.B FOUND > /bin/mt-gnu: Linux.RST.B FOUND > /bin/tcsh: Linux.RST.B FOUND
http://www.viruslist.com/en/weblog?calendar=2005-09 http://www.lurhq.com/atd.html One of those might possibly explain how that virus got on there. I'd recommend a rebuild; you have a system here whose previous admin has either been running untrusted (or compromised) binaries as root, or not keeping the box secure. -- see shy jo
signature.asc
Description: Digital signature