On Mon, Apr 03, 2006 at 05:24:02PM +0200, Ugo Rebaudo wrote:
> Incredible!!!
> with all the new vserver created I have this problem:
>
> chkrootkit result
> Possible LKM Trojan installed found!!!
>
> I have try to change many sources of mirror
> without to resolve the problem....
>
> help me!
interesting ... what patch version is that?
when I find a few minutes, I will check if that
is 'normal' for the chkrootkit on a vserver
patched kernel, but it sounds suspicious
do you run it inside the guest or on the host?
best,
Herbert
> reby.
>
>
> Result of chkrootkit version 0.44:
> ...
> ...
> Checking `lkm'... SIGINVISIBLE Adore found
> Warning: Possible LKM Trojan installed
> ...
> ...
>
>
> My configuration:
>
> linux:/# vserver-info
> Versions:
> Kernel: 2.4.27
> VS-API: 0x00010004
> util-vserver: 0.30.204; Dec 20 2005, 16:58:50
>
> Features:
> CC: gcc, gcc (GCC) 3.3.5 (Debian 1:3.3.5-13)
> CXX: g++, g++ (GCC) 3.3.5 (Debian 1:3.3.5-13)
> CPPFLAGS: ''
> CFLAGS: '-Wall -g -O2 -std=c99 -Wall -pedantic -W'
> CXXFLAGS: '-g -O2 -ansi -Wall -pedantic -W
> -fmessage-length=0'
> build/host: i386-pc-linux-gnu/i386-pc-linux-gnu
> Use dietlibc: yes
> Build C++ programs: yes
> Build C99 programs: yes
> Available APIs: compat,v11,v13,fscompat,net,oldproc,olduts
> ext2fs Source: e2fsprogs
> syscall(2) invocation: fast
> vserver(2) syscall#: 273/glibc
>
> Paths:
> prefix: /usr
> sysconf-Directory: /etc
> cfg-Directory: /etc/vservers
> initrd-Directory: $(sysconfdir)/init.d
> pkgstate-Directory: /var/run/vservers
> Kernelheaders: /usr/include
> vserver-Rootdir: /var/lib/vservers
>
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Mon Apr 3 18:32:08 2006