[EMAIL PROTECTED] wrote:
<snip>
> So:
> 1. i grabbed chkrootkit-0.48 tar-ball to my Internet down load directory
> 2. made a sub-directory under /usr/local for rootkit
> 2.a. cd'd to new directory and cp'd the downloaded tar-ball to new
> directory
> 2.b. tar -xvzf *.48
> 2.c. cd'd to new chkroot-0.48 directory.
> 3. read all the README's
> 4 on another console as root:
> 4a. "# make sense" reported "no rules for sense" (???)
I've never seen an argument "sense" to make. Is that what the README says?
> 4b. "# make" seems to have worked compiling all the binaries.
Usually that's an alias for "make all".
> 5. "# ./chkrootkit" reported crontab entry for "nobody"
> 5.a "# crontab -l nobody" reported no user
try:
crontab -u nobody -e
> 6. i have only one possible infection being "nobody"
What make you think that you have an infection?
> questions:
> a. where did i go wrong with "make sense" ?
> b. no entry from crontab for nobody.
>
> what else do i need to provide?
Since I haven't installed chkrootkit in a long time, I'm giving best guesses
for what I would expect.
Someone else may correct me.
YMMV
--
Neil Schneider pacneil_at_linuxgeek_dot_net
http://www.paccomp.com
Key fingerprint = 67F0 E493 FCC0 0A8C 769B 8209 32D7 1DB1 8460 C47D
I help busy professionals diversify their self-directed IRAs and portfolios
with real estate they don't have to manage. Please let me know if you or
someone you know would like more information.
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-newbie
