Thanks for the reply. I installed the rootkit, this was the only thing that really displayed anything. I'm not sure what it means? Everything else was nothing, nothing deleted etc. Checking `chkutmp'... The tty of the following user process(es) were not found in /var/run/utmp ! ! RUID PID TTY CMD ! root 2570 tty1 /usr/bin/Xorg :0 -nr -verbose -auth /var/run/gdm/auth-for-gdm-E11BQz/database -nolisten tcp vt1 chkutmp: nothing deleted Lorenzo On Fri, 2009-03-20 at 22:02 +0000, Alan Cox wrote: > On Fri, 20 Mar 2009 14:51:22 -0700 > lorenzo <linux@xxxxxxxxxxx> wrote: > > > > > I'm running the stock firewall on F10 and when I run the sectool > > the firewall always fails, It says. > > > > Error, Firewall, No firewall rules in IPv4 INPUT chain and policy > > is set to ACCEPT. > > > > There is always one active connection, even when I'm not accessing > > the net, no IM, NO browser, NO twitter etc. What is really strange, > > when I type anything network history shows an increase in data packets > > flowing out. > > > > My brother is the linux geek, but he is in iraq > > The first thing you want is a tool called "chkrootkit", which is > basically a scanner for known trojans and attack tools used against Linux > boxes. > > tcpdump might also give you some idea what is going out and where > -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
