chkrootkit finds 94 process hidden for readdir
Edwin Groothuis
edwin at mavetju.org
Sat Dec 23 18:01:28 PST 2006
On Sat, Dec 23, 2006 at 03:57:35PM -0500, Matthew Herzog wrote:
> I run FreeBSD 6.1-RELEASE-p7 on an UltraSparc 5 machine.
> I ran chkrootkit yesterday and saw this:
> Checking `lkm'... You have 94 process hidden for readdir command
> chkproc: Warning: Possible LKM Trojan installed
I thought this was related to the time difference in "ps" and the
processing of the /proc directory.
Edwin
--
Edwin Groothuis | Personal website: http://www.mavetju.org
edwin at mavetju.org | Weblog: http://weblog.barnet.com.au/edwin/
More information about the freebsd-stable
mailing list