On Tue, May 31, 2005 at 12:44:30PM -0400, Matthew Miller wrote: > On Tue, May 31, 2005 at 05:42:00PM +0100, Andy Green wrote: > > | Checking `chkutmp'... The tty of the following user process(es) were > > not found > > | in /var/run/utmp ! > > | ! RUID PID TTY CMD > > | ! root 4674 tty1 /sbin/mingetty tty1 > > Either we are both hacked the same way ;-) or it means chrootkit has > > identified something that is a normal situation on our Fedora machines. > > Looks like chkutmp is new in version 0.45, and is being overly aggressive. > This looks like a bug to me; I think it should be reported upstream at > <http://www.chkrootkit.org/>. Thanks for your comments guys. For what it's worth I sent in a comment to the authors at chkrootkit.org. Cheers, Stuart. -- Stuart Lowe | Toronto, CAN | key ID on keyserver | Skype stuart.lowe Fedora Core release 3 (Heidelberg) GNU/Linux kernel 2.6.11-1.27_FC3 on i686 nyarlathotep 12:59:07 up 41 min, 6 users, load average: 0.00, 0.03, 0.07
