LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Closed Thread
  Search this Thread
Old 09-08-2014, 01:51 AM   #1
arman moradi
LQ Newbie
 
Registered: Sep 2014
Posts: 26

Rep: Reputation: Disabled
Angry hey everyone


when i did my check root kit it said
searching for suckutrootkit warning :/sbin/init INFECTED

is there a root kit in my comp right now?
 
Old 09-08-2014, 01:59 AM   #2
jdkaye
LQ Guru
 
Registered: Dec 2008
Location: Westgate-on-Sea, Kent, UK
Distribution: Debian Testing Amd64
Posts: 5,464

Rep: Reputation: Disabled
reported
 
Old 09-08-2014, 02:03 AM   #3
arman moradi
LQ Newbie
 
Registered: Sep 2014
Posts: 26

Original Poster
Rep: Reputation: Disabled
reported???

---------- Post added 09-08-14 at 02:04 AM ----------

like should i report it ???
 
Old 09-08-2014, 03:27 AM   #4
ondoho
Senior Member
 
Registered: Dec 2013
Posts: 4,176

Rep: Reputation: 837Reputation: 837Reputation: 837Reputation: 837Reputation: 837Reputation: 837Reputation: 837
jdkaye probably meant that your post lacks even most basic information, and so borders on spam.

usually you get this kind of reply when it isn't the first time that you so grossly ignore even the most basic rules of how to ask questions.

read both links in my signature.
 
1 members found this post helpful.
Old 09-08-2014, 03:33 AM   #5
arman moradi
LQ Newbie
 
Registered: Sep 2014
Posts: 26

Original Poster
Rep: Reputation: Disabled
1) i went to the terminal
2) i used chkrootkit
3) one file came up as searching for suckitrootkit warning :/sbin/init INFECTED

After Thought: after checking rootkit one of the files being /sbin/init seems to be infected with a suckit root kit

SucKIT :is a rootkit presented in Phrack issue 58, article 0x07 ("Linux on-the-fly kernel patching without LKM", by sd & devik). This is a fully working rootkit that is loaded through /dev/kmem (i.e. it does not need a kernel with support for loadable kernel modules. It provides a password protected remote access connect-back shell initiated by a spoofed packet (bypassing most of firewall configurations), and can hide processes, files and connections.

now knowing i have this tool hackers use in my comp how can i get rid of it, any ideas. since yr obviously a god amoungst men u should sure know how to do this right ondoho?

Last edited by arman moradi; 09-08-2014 at 03:45 AM.
 
Old 09-08-2014, 04:05 AM   #6
Germany_chris
Senior Member
 
Registered: Jun 2011
Location: Stuttgart, Germany
Distribution: Arch
Posts: 1,021

Rep: Reputation: 479Reputation: 479Reputation: 479Reputation: 479Reputation: 479
Quote:
Originally Posted by ondoho View Post
jdkaye probably meant that your post lacks even most basic information, and so borders on spam.

usually you get this kind of reply when it isn't the first time that you so grossly ignore even the most basic rules of how to ask questions.

read both links in my signature.
Eric Raymond in the Sig = Outstanding
 
Old 09-08-2014, 04:08 AM   #7
jdkaye
LQ Guru
 
Registered: Dec 2008
Location: Westgate-on-Sea, Kent, UK
Distribution: Debian Testing Amd64
Posts: 5,464

Rep: Reputation: Disabled
Quote:
Originally Posted by ondoho View Post
jdkaye probably meant that your post lacks even most basic information, and so borders on spam.
It was a combination of the double posting and writing "suckutrootkit" which they OP has belatedly changed to "suckitrootkit" which shows up in the log file as "Suckit Rootkit"
Have a look at the other thread.
jdk
 
Old 09-08-2014, 04:31 AM   #8
arman moradi
LQ Newbie
 
Registered: Sep 2014
Posts: 26

Original Poster
Rep: Reputation: Disabled
soOooOoOoO do any of u cats actaully know what to do or what?
 
Old 09-09-2014, 01:39 AM   #9
ondoho
Senior Member
 
Registered: Dec 2013
Posts: 4,176

Rep: Reputation: 837Reputation: 837Reputation: 837Reputation: 837Reputation: 837Reputation: 837Reputation: 837
Quote:
Originally Posted by arman moradi View Post
since yr obviously a god amoungst men u should sure know how to do this right ondoho?
Quote:
Originally Posted by arman moradi View Post
soOooOoOoO do any of u cats actaully know what to do or what?
being ignorant is one thing.
but being so unfriendly to the people who are trying to help you deserves only one answer: none.
 
1 members found this post helpful.
Old 09-09-2014, 02:03 AM   #10
EDDY1
LQ Addict
 
Registered: Mar 2010
Location: Oakland,Ca
Distribution: wins7, Debian wheezy
Posts: 6,838

Rep: Reputation: 649Reputation: 649Reputation: 649Reputation: 649Reputation: 649Reputation: 649
What the OP doesn't realize is some of us actually use google to try & assist them.
As far as demanding a responce in such a rude manner will not get the results demanded, especially since this is all voluntary support.
 
Old 09-09-2014, 06:20 AM   #11
jdkaye
LQ Guru
 
Registered: Dec 2008
Location: Westgate-on-Sea, Kent, UK
Distribution: Debian Testing Amd64
Posts: 5,464

Rep: Reputation: Disabled
@all except OP
I say it's just a troll trying to wind us all up. You know what they say about trolls and feeding.
jdk
 
Old 09-09-2014, 10:17 AM   #12
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 11,969

Rep: Reputation: 3115Reputation: 3115Reputation: 3115Reputation: 3115Reputation: 3115Reputation: 3115Reputation: 3115Reputation: 3115Reputation: 3115Reputation: 3115Reputation: 3115
Please post your thread in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. This thread is being closed because it is a duplicate.

--jeremy
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Hey sujata Linux - Newbie 2 11-30-2009 06:40 AM
Hey Hey it's the monkee! - Introduction / What do y'all think of RealBasic? MonkeeOfEvil General 6 08-19-2009 05:48 AM
Hey ya'll! QBall2U LinuxQuestions.org Member Intro 12 05-08-2009 01:39 AM
LXer: Hey (Hey) You (You) Get Onto My Cloud LXer Syndicated Linux News 0 12-03-2008 12:01 AM
hey zaryk LinuxQuestions.org Member Intro 1 08-31-2007 07:16 AM


All times are GMT -5. The time now is 01:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration