[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] RE: Resetting Chkrootkit

Subject: [cobalt-security] RE: Resetting Chkrootkit
From: "Jon" <jjma100@xxxxxxxxxxx>
Date: Sat, 17 Jan 2004 12:29:35 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi,

> If you're happy that it's nothing nefarious then I 
> believe that you can get
> rid of it by rotating /var/log/wtmp
> 
> login as root:
> cd /var/log
> mv wtmp wtmp.old
> touch wtmp
> chmod 0644 wtmp
> 
> Log in to the shell from another SSH session and make 
> sure /var/log/wtmp is
> > 0 blocks (don't try cat it's in binary). Try 
> chkrootkit again.

Thanks this worked well. 

Jon

Prev by Date: Re: [cobalt-security] Resetting Chkrootkit
Next by Date: [cobalt-security] "Rash" of Qube 3 Updates...
Previous by thread: RE: [cobalt-security] Resetting Chkrootkit
Next by thread: [cobalt-security] "Rash" of Qube 3 Updates...

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index