Dotan Cohen wrote:
On 2/23/06, Mike McCarty <mike.mccarty@xxxxxxxxxxxxx> wrote:
I ran chrootkit today, and it spit this out [in the middle
of a bunch of "nothing found" reports]
[snip]
Total of 200 files it didn't like. I don't see anything there that
looks particularly suspicios. What's going on? Anyone know?
It also found this...
Checking `chkutmp'... The tty of the following user process(es) were
not found
in /var/run/utmp !
! RUID PID TTY CMD
! root 3928 tty1 /sbin/mingetty tty1
! root 3939 tty2 /sbin/mingetty tty2
! root 3945 tty3 /sbin/mingetty tty3
! root 3951 tty4 /sbin/mingetty tty4
! root 3957 tty5 /sbin/mingetty tty5
! root 4082 tty6 /sbin/mingetty tty6
chkutmp: nothing deleted
Why can it not find the tty?
Mike
Did you ever figure out what caused chkrootkit to freak? I was hoping
someone would help you (as I too need to learn), but I did not see any
public replies to the thread.
Never did.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
