Virus on a virgin Red Hat ES V3 server?
Ken Morley
ken at jmtg.com
Fri May 7 17:38:06 UTC 2004
I've just installed RedHat Enterprise ES V3 and patched to the latest
revision. I then installed Clam Anti-Virus 0.70, ran freshclam to get the
latest def files and then ran a clamdscan against the entire drive.
I was surprised when clamdscan reported:
//proc/kcore: Trojan.MiniCommander.dr FOUND
What's the possibility that the server is really infected? It's been up
just about two days, behind an commercial grade ICSA-certified firewall with
only outbound access to the internet.
Does anyone else have a RHES V3 box that they can try?
I wonder if the infected file ships with the RH distribution???
Any suggestions are appreciated.
More information about the redhat-list
mailing list