LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-30-2004, 05:06 PM   #1
dryajov
LQ Newbie
 
Registered: Sep 2004
Posts: 9

Rep: Reputation: 0
linux virus "aMuler" ?


Hi All,

I just found out that my Linux box might be infected with a virus, it all started when I tried to do an “ls” on my terminal, instead listing the files in the “dir” it logged me out, I reinstalled the terminal emulator which is “rxvt” still the same thing. A couple of hours later all of my terminals where having the same behavior. Then I tried shutting down X and doing “ls” from the console same thing it would log me out. The strangest thing that happened, that convinced me of “IT” being a virus was that it started rebuting on its own, whit messages like “message from root aMuleR – EO”. Does anybody have a clue of what it is and how to remove it.


Thanks in advance.

P.S: Yes I do have “aMule” installed and I probably cached the virus while downloading stuff whit it.
 
Old 12-30-2004, 05:30 PM   #2
Tuttle
Senior Member
 
Registered: Jul 2003
Location: Wellington, NZ
Distribution: mainly slackware
Posts: 1,291

Rep: Reputation: 52
are you able to install and run f-prot or other av software?
 
Old 12-30-2004, 05:39 PM   #3
dryajov
LQ Newbie
 
Registered: Sep 2004
Posts: 9

Original Poster
Rep: Reputation: 0
Yes I'm using bitDefender.Just finished the scan and it didn't find anything. Maybe it is not a virus maybe someone made some sort of an attack, which I doubt because i checked the log files and did not find anything strange.
 
Old 12-30-2004, 08:12 PM   #4
TruckStuff
Member
 
Registered: Apr 2002
Posts: 498

Rep: Reputation: 30
Quote:
Originally posted by dryajov
Maybe it is not a virus maybe someone made some sort of an attack, which I doubt because i checked the log files and did not find anything strange.
That doesn't mean anything these days. A careful hacker (or for that matter a skiddie attacking a system with the usual "default" settings) will erase any traces of their entrance into your system. I think you've been had... time to reinstall and patch software.
 
Old 12-30-2004, 10:43 PM   #5
slackMeUp
Member
 
Registered: Nov 2003
Distribution: Slack-where?
Posts: 654

Rep: Reputation: 30
Well I would check for root kits... but in the end you will need to do a full reinstall just to be safe.

Boot off a Live CD, backup your important data to another drive or CDs, and then nuke your partition.

Reinstall and you're good to go.

Remember to keep up-to-date with your distro.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Burning Linux CD from download? Virus possible? Download using "live" CD? cranston Linux - Newbie 4 12-07-2005 04:12 AM
Why is linux "VIRUS" safe? Fade-Dude Linux - Software 7 09-22-2005 09:37 PM
News: "Today the mydoom virus made the homepage of Linux unaccessible" J_Szucs General 31 02-09-2004 10:37 PM
f-prot anti-virus "Segmentation fault" error and other weird stuff dalek Linux - Software 9 10-22-2003 07:37 PM
Simple "anti-virus" file checker ian54 Linux - Newbie 5 03-05-2002 12:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:48 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration