[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Cobalt Raq2 & Chkrootkit 0.37
- Subject: [cobalt-security] Cobalt Raq2 & Chkrootkit 0.37
- From: "Arminder Singh" <m-list@xxxxxxxxxxxx>
- Date: Fri, 27 Sep 2002 18:57:22 +0530
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Greetings All,
Has anyone came across this starange behaviour of
Chkrootkit 0.37 while running on Cobalt Raq2 (specifically Raq2). Following is
the output I rcvd. on running the same :
............
Checking `mail'... not infected
Checking
`mingetty'... not found
Checking `netstat'... not infected
Checking
`named'... not infected
Checking `passwd'...
INFECTED
Checking `pidof'... not infected
Checking
`pop2'... not found
Checking `pop3'... not found
Checking `ps'... not
infected
............
Checking `bindshell'... not infected
Checking
`lkm'... ./chkrootkit: ./chkproc: cannot execute binary file
Warning:
Possible LKM Trojan installed
Checking `rexedcs'... not found
Checking
`sniffer'...
./chkrootkit: ./ifpromisc: cannot execute binary
file
Checking `wted'... ./chkrootkit: ./chkwtmp: cannot execute binary
file
Checking `scalper'... not infected
Checking `slapper'... not
infected
Checking `z2'... ./chkrootkit: ./chklastlog: cannot execute binary
file
Is there anyone that can explain this, will be
highly admirable. The same isn't in case of Raq3 & Raq4, but only in
Raq2s.
Cheers
Arminder Singh
Sr. Exec. System
Administrator
-------------------------------------------------------
Pugmarks InterWeb Pvt. Ltd. INDIA Tel: (172) 622 753, 54, 55, Fax:91
(172)-645-906
Pugmarks Inc. Tel: (630) 571-0699, Fax:
(630)-571-0642
http://www.pugmarks.net