Re: rootkit?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: rootkit?
From: William Case <billlinux@xxxxxxxxxx>
Date: Sun, 11 Dec 2005 10:25:31 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=rogers.com; h=Received:Subject:From:To:In-Reply-To:References:Content-Type:Date:Message-Id:Mime-Version:X-Mailer:Content-Transfer-Encoding; b=clduk6QAJOOAkSj3XGp3n7PYGP8rXS8/tKIjNwGw5S3R9PSh1EWdKYVQ+0LZxgScca3ne0ChULncUgqbGXTPi+Ojc9ls4o7L0s4q9yJfMImlEYhjmYL6xrmZXG2wnQjPtDB7VaAfEWUJzGfie/wB+q2PFs3BIUpfJC2ukG+LYs8= ;
In-reply-to: <1134279866.3320.64.camel@xxxxxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <200512110031.03504.gene.heskett@xxxxxxxxxxx> <1134279866.3320.64.camel@xxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

On Sun, 2005-12-11 at 00:44 -0500, Scot L. Harris wrote:
> On Sun, 2005-12-11 at 00:31, Gene Heskett wrote:
> > A friend of mine just reported he has been rooted, and his machine was 
> > spewing spam in the name of the colonial bank.
> 
> > FWIW, chkrootkit didn't find it!
> > 
> 
> Did you try rkhunter?  Would be interesting to know if it could see it.
> 
> > Whats the general removal procedure for this, and better yet, how did 
> > they get in?
> 
> Once a system has been rooted the only action to take is to rebuild the
> system from scratch, format the drives and install clean.  Be very
> careful of anything backed up on the system since the root kit was
> installed.
> 

I think I know in a general kind of way.  But, what is a rootkit?

Regards Bill

Follow-Ups:
- Re: rootkit?
  - From: Scot L. Harris
- Re: rootkit?
  - From: Gene Heskett
- Re: rootkit?
  - From: Jeffrey Tadlock

References:
- rootkit?
  - From: Gene Heskett
- Re: rootkit?
  - From: Scot L. Harris

Prev by Date: Re: rootkit?
Next by Date: Re: rootkit?
Previous by thread: Re: rootkit?
Next by thread: Re: rootkit?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]