Questions tagged [chkrootkit]
26 questions
4
votes
2 answers
I ran ChkRootkit and came up with a infected file. I need help
So I ran a chkrootkit. I have linux.xor.ddos showing as infected. I read other forums online and I have seen things mentioning false positives. What is linux.xor.ddos file and how can I check if they are fine?
RJ Adams
- 43
1
vote
0 answers
chkrootkit question. suspect files
I recently had a spear fishing attempt on my Linux Ubuntu 18.04 I changed passwords and ran Chkrootkit and Clamscan
my chkrootkit scan came up with the following:
suspicious files and directories were found:
/usr/lib/debug/.build-id…
Jay Boyle
- 21
0
votes
1 answer
How to treat supposed chkrootkit false positive
I installed chkrootkit with apt-install in a freshly installed Ubuntu server 16.04.3.
chkrootkit found suspicious files and directories after first run:
Searching for suspicious files and dirs, it may take a while... The following suspicious files…
Asarluhi
- 1,607
0
votes
1 answer
chkrootkit issues
When I use chkrootkit -q, I get:
/lib/modules/5.3.0-1035-aws/vdso/.build-id /lib/modules/5.4.0-1025-aws/vdso/.build-id /lib/modules/4.15.0-1044-aws/vdso/.build-id
/lib/modules/5.3.0-1035-aws/vdso/.build-id /lib/modules/5.4.0-1025-aws/vdso/.build-id…
Sonia Slimani
- 1
- 1
0
votes
1 answer
Chkrootkit results, how to reinstall tpcd ?
I run chkrootkit and these were the results.
Checking `tcpd'... INFECTED
Searching for Linux.Xor.DDoS ... INFECTED:
Possible Malicious Linux.Xor.DDoS…
Chymmi
- 103
- 3
0
votes
1 answer
Use chkrootkit and send status via ssmtp
I installed
apt install chkrootkit
This seems to run a cron job every day in /etc/cron.daily/chkrootkit which unfortunately will send its output into nirvana
I also installed a minimal mail dma:
apt install ssmpt
where I configured my mailserver…
rubo77
- 32,486