[clug] More info
pearl.louis at anu.edu.au
Mon Mar 29 16:17:24 GMT 2004
> What on earth is going on? Is this a bug with chkrootkit? A quick google
> search seems to suggest that chkrootkit gives false positives with the LKM
> Trojan on some recent systems. Is this the case here?
> So any ideas guys?
As an added note, I also tried checking the processes named by cding
to /proc/<proc number>/fd and doing ls -l.
As far as I can tell the "hidden" processes are just normal
galeon/xmms/kontact stuff with references to mailboxes, galeon's cache etc.
The only suspicion ones are:
0 -> /dev/null
1 -> /home/tehanu/.xsession-errors
2 -> /home/tehanu/.xsession-errors
3 -> socket:
4 -> socket:
5 -> pipe:
6 -> pipe:
7 -> socket:
I'm not sure if that's really suspicious though...
More information about the linux