when i run my rkhunter i get suspicious files :(
what's up peeps, every time i run an rkhunter check i get these results
Performing group and account checks
checking for passwd file changes [warning]
checking for group file changes [warning]
performing filesystem checks
checking /dev for suspicious file types [warning]
checking for hidden files and directories [warning]
suspect files found ONE
can y'all help me out or what :( |
Have a look in /var/log/rkhunter.log. You may get more info there. I ran this command as root
Code:
rkhunter -c jdk |
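Following the advice above to look in /var/log/rkhunter.log, this added example (not code from the thread or from the rkhunter project) pulls each `Warning:` entry and its indented detail lines out of the log. It assumes the `[HH:MM:SS] Warning: ...` line layout; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list every "Warning:" entry in an rkhunter log together
# with the indented detail lines that follow it.

# Constructed sample in the assumed "[HH:MM:SS] text" layout (not real output).
rkh_sample() {
cat <<'EOF'
[11:02:10] Info: Starting test name 'filesystem'
[11:02:11]   Checking for hidden files and directories       [ Warning ]
[11:02:11] Warning: Hidden directory found: /example/.constructed-dir
[11:02:11]   Checking for constructed example item           [ OK ]
[11:02:12] Warning: The file properties have changed:
[11:02:12]          File: /example/bin/constructed-tool
[11:02:12]          Current inode: 1234    Stored inode: 5678
[11:02:13] Info: End of constructed sample
EOF
}

# rkh_warnings FILE -> numbered warnings, details indented beneath each.
rkh_warnings() {
    awk '
    { line = $0; sub(/^\[[0-9:]+\] ?/, "", line) }   # strip the timestamp
    line ~ /^Warning:/ {                               # a new warning entry
        n++; inwarn = 1
        print n ". " line
        next
    }
    # Indented line after a warning, unless it is a check line with a status tag.
    inwarn && line ~ /^[ \t]+[^ \t]/ && line !~ /\[ .* \][ \t]*$/ {
        sub(/^[ \t]+/, "", line)
        print "     " line
        next
    }
    { inwarn = 0 }                                     # anything else ends it
    ' "$1"
}

# rkh_warning_count FILE -> number of Warning: entries.
rkh_warning_count() {
    rkh_warnings "$1" | grep -c '^[0-9][0-9]*\. Warning:'
}

# Default to the log path named in the thread when run directly.
log=${1:-/var/log/rkhunter.log}
if [ -r "$log" ]; then
    rkh_warnings "$log"
fi
```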
ty for the quick reply.
when i did my check root kit it said: searching for suckutrootkit warning :/sbin/init INFECTED. is there a rootkit in my comp right now? |
Please do not post the same problem on two different threads. I can find no match for "suckurrotkit" in rkhunter.log. The closest thing I see to that is
Quote:
jdk |
na dude, i'm not kidding, it said
searching for suckutrootkit warning :/sbin/init INFECTED, why would i joke about it??? is it what serious ima run it again, give me a sec |
i just ran chkrootkit again and it said
:searching for suckutrootkit warning :/sbin/init INFECTED what does this mean? |
do i have some sort of software floating around in my comp right now???
|
so from what i gathered, a root kit is a tool used by hackers to use stealth and sneak into a computer...... now that i detected it wtf can i do to get rid of it?
|
Quote:
- Optionally investigate how it got there,
- Save personal files,
- Install your OS from scratch,
- Properly harden your machine,
- Inspect and verify personal files before putting them back in,
- Regularly check for any problems.
BTW, you are running the current version of Rootkit Hunter are you? |
i just installed ubuntu yesterday, but if i have to i'll do it again, from scratch
- how do i investigate this, is there like an ubuntu antispyware or antivirus
- harden my computer how, just tell me the names of the programs to help me harden it and i'll research it
- for inspecting my files i'll erase it all
- and yes i just installed it and updated it right after
and just so that i know what's good, chkrootkit found a suck it rootkit and so my comp is compromised? to what extent is it and thank u for the help, i'm correct in assuming there is a hacker in my comp right now? |
it also said the following suspicious file was found
/usr/lib/pyton2.7/dist-packages/pyqt4/widget-plugins/.noinit/ |
the first thing i did was use my facebook and hotmail account. could they have compromised me on that?
|
and i meant to say it is a suckit* rootkit
"SucKIT is a rootkit presented in Phrack issue 58, article 0x07 ("Linux on-the-fly kernel patching without LKM", by sd & devik). This is a fully working rootkit that is loaded through /dev/kmem (i.e. it does not need a kernel with support for loadable kernel modules). It provides a password protected remote access connect-back shell initiated by a spoofed packet (bypassing most of firewall configurations), and can hide processes, files and connections." looks like the hackers busted out the big guns and they're out in force :( |
this text is at least 9 years old: http://www.forosdelweb.com/f41/que-t...ml#post1198506
|
Quote:
BTW I also asked you if you are running the current version of Rootkit Hunter. Quote:
|