[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: chkrootkit - suspicious files question



On Apr 3, 2005 9:37 AM, Gene Heskett <gene heskett verizon net> wrote:
> On Sunday 03 April 2005 08:42, Jim Cornette wrote:
> >Since there was discussions regarding rootkits and how they are
> > getting into systems, I ran chkrootkit and am more concerned about
> > the suspicious files that it referred to.
> >
> >Searching for suspicious files and dirs, it may take a while...
> >/usr/lib/perl5/5.8.6/i386-linux-thread-multi/.packlist
> >/usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi/auto/NKF/.p
> >acklist
> > /usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi/auto/mod_p
> >erl/.packlist
> >
> >/usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi/auto/Gaim/.
> >packlist
> >
> >/usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi/auto/DCOP/.pa
> >cklist
> >
> >
> >Hopefully this does not indicate anything to be alarmed about. Is
> > this a rational assumption?
> >
> >Jim
> 
> I don't think these are Jim.  But do pay attention to the names a
> level or so back up the tree, I suppose there could be a surprise
> there.
> >
> >--
> >QUESTION AUTHORITY.
> >
> >(Sez who?)
> :)
> --
> Cheers, Gene

Perl-5.8.6 is from the development repo and is part of FC4-test1.  Are
you running FC4-test1 or did you mess up your system by enabling the
development repo?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]