Aether
Posted: Jan. 08 2006, 18:40
Before I talk about the breach, I should mention that on a clean install, chkrootkit shows netstat as INFECTED. I read a couple of poor English posts that mentioned a possible false positive due to the addrs.h (I think) and that it needs to be stripped. Can anyone confirm this? I don't know how.
Also, I am curious about the /KNOPPIX/ect/dhpc/resolv.conf having a hardcoded value of 206.13.28.12... is this your nameserver?
Anyways, the first time I ran chkrootkit I found about five positive infections: ls, du, date ... normal stuff. What has me a little concerned is, the only programs I have ever used on this distro are MyDSL, Firefox, Dillo, XMMS. I had installed iptables and was testing rc.firewall from projectfiles.com, but I started no network daemons. I have not been rooted since I first found them.
{edit} Oops, and I enabled apt, upgraded GNU utils and installed Synaptic.