This is a fairly new FC5 installation, new ISP, and new wireless router
system, all together adding up to numerous possibilities for errors. I
installed and ran "chkrootkit" this morning with the following result
and don't know how to deal with it? Any suggestions appreciated.
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed
Checking `rexedcs'... not found
Checking `sniffer'... eth0: not promisc and no PF_PACKET sockets
Checking `w55808'... not infected
Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... chklastlog: nothing deleted
Checking `chkutmp'... The tty of the following user process(es) were
not found
in /var/run/utmp !
! RUID PID TTY CMD
! root 2301 tty7 X :0 -auth /root/.serverauth.2284
chkutmp: nothing deleted
I scanned from "/" with f-prot yesterday and there were no indications
of "infection."
Thanks.
Bob Goodwin Zuni, Virginia w2bod
