On Sunday 03 April 2005 08:42, Jim Cornette wrote:
Since there was discussions regarding rootkits and how they are getting into systems, I ran chkrootkit and am more concerned about the suspicious files that it referred to.
Searching for suspicious files and dirs, it may take a while... /usr/lib/perl5/5.8.6/i386-linux-thread-multi/.packlist /usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi/auto/NKF/.p acklist /usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi/auto/mod_p erl/.packlist
/usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi/auto/Gaim/. packlist
/usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi/auto/DCOP/.pa cklist
Hopefully this does not indicate anything to be alarmed about. Is this a rational assumption?
Jim
I don't think these are Jim. But do pay attention to the names a level or so back up the tree, I suppose there could be a surprise there.
Not to sound dense, but the linux threads are they not used for 2.6 kernels and for the nptl backported kernels? I'm probably looking at the wrong portion of the path to th file.
Looking through the packlist, I could see why it is marked suspicious. :-)
Jim
-- If it's not in the computer, it doesn't exist.
