LinuxQuestions.org
Old 06-20-2019, 07:21 PM   #1
armchairrambo
LQ Newbie
 
Registered: Jun 2019
Posts: 1

Rep: Reputation: Disabled
detecting rootkits Debian w/ XFCE desktop


When it comes to security, I consider myself a newbie.

I'm dual booting Debian and KX Studio (Ubuntu).

I installed an add-on to Firefox that appeared to be mining, so after getting rid of it I decided it's time to check the whole system.

I ran chkrootkit and rkhunter on both.

chkrootkit says it found the Suckit rootkit had infected the /sbin/init process when I ran it on the KX Studio partition.

Msg:
Searching for Suckit rootkit... Warning: /sbin/init INFECTED

rkhunter found nothing, despite extra checking for Suckit.

No alerts from either program when I scanned the Debian partition.

Is this a false alarm? I would appreciate any insight the forum might offer on this.

Thank you in advance.

Last edited by armchairrambo; 06-20-2019 at 07:23 PM.
 
Old 06-20-2019, 10:15 PM   #2
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824

Rep: Reputation: 350
Try to load it to virustotal.com.
 
1 members found this post helpful.
Old 06-22-2019, 06:36 AM   #3
moxieman99
Member
 
Registered: Feb 2004
Distribution: Dabble, but latest used are Fedora 13 and Ubuntu 10.4.1
Posts: 425

Rep: Reputation: 147
What if you delete and reformat the KX Studio partition, reinstall, and re-run your virus check?
 
  


All times are GMT -5.
