Hello folks,
When I arrived at work this morning I noticed an oh-so-fun email from
cron reporting that chkrootkit had found a hidden process. After a good
hour of research (and some replaced binaries, of course) I came to the
conclusion that it was a false positive.
Although, while
On Friday 04 November 2005 08:06 am, Chris Wells wrote:
/usr/lib/chkrootkit/chkproc -v -v
PID 1230(/proc/1230): not in readdir output
PID 1230: not in ps output
CWD 1230: /var/lib/mysql
EXE 1230: /usr/sbin/mysqld
... (report the same for 1231 - 1238)
You have 9 process hidden for
Jeff Smelser wrote:
On Friday 04 November 2005 08:06 am, Chris Wells wrote:
/usr/lib/chkrootkit/chkproc -v -v
PID 1230(/proc/1230): not in readdir output
PID 1230: not in ps output
CWD 1230: /var/lib/mysql
EXE 1230: /usr/sbin/mysqld
... (report the same for 1231 - 1238)
You have 9
