| |
11 Search Results Found |
| 1 |
Forum: Russian «»
Posted on: Wed, 21 January 2009 10:38 «»
By: spitfirekdv
chkrootkit ругается
Скачал этот темплейт
http://download.openvz.org/template/precreated/contrib/cento s-5-x86_64-minimal-5.2-20090117.tar.gz
Установил, захожу в vps, проверяю chkrootkit-ом, получаю
Checking `chkutmp'... The tty of the following user process(es) were no...
|
| 2 |
Forum: Support «»
Posted on: Wed, 21 November 2007 12:53 «»
By: vaverin
Re: "hidden processes" in OpenVZ
As you know each process has a directory on proc filesystem:
/proc/<pid>/...
Usually /proc/<pid> are visible by any filesystem system calls. "Hidden" pids are not visible directly -- for example readdir() system call does not show...
|
| 3 |
Forum: Support «»
Posted on: Wed, 21 November 2007 10:22 «»
By: floogy
Re: "hidden processes" in OpenVZ
Hello Vasily,
thank you very much for your efforts. It's now much more clearer that these hidden processes are harmless, and one can check that by the pid number "structur". Maybe rkhunter and chkrootkit could have some code, enabled by an ext...
|
| 4 |
Forum: Support «»
Posted on: Tue, 20 November 2007 21:11 «»
By: floogy
Re: "hidden processes" in OpenVZ
Is there maybe a plan, to integrate some code, that compares the hw-node pids with the ve hidden pids, and show the different processes as an alert in the VZPP:System Prozesses, or provide a method to tools like chkrootkit/rkhunter/unhide, to give them t...
|
| 5 |
Forum: Support «»
Posted on: Tue, 20 November 2007 12:59 «»
By: floogy
Re: "hidden processes" in OpenVZ
Hi vaverin,
thank you so much! It's nice to hear, that I shouldn't bother about hidden processes in VPS or OpenVZ, because these messages of unhide/rkhunter/chkrootkit are really scary!
How can I investigate them further?
Though, it might be still n...
|
| 6 |
Forum: Support «»
Posted on: Sun, 18 November 2007 14:11 «»
By: floogy
"hidden processes" in OpenVZ
Hello,
I got a vserver, and found "hidden processes" by rkhunter, unhide and chkrootkit:
chkrootkit:
### Output of: ./chkproc -v -v -p 3
###
PID 482(/proc/482): not in getpriority readdir output
[...]
PID 31564(/proc/31564): not in g...
|
| 7 |
Forum: Users «»
Posted on: Wed, 09 May 2007 08:56 «»
By: Vasily Tarasov
Re: error from RkHunter and ChkRootKit
Hello,
Actually all the binaries (of user-space applications) that exists in VE
are the same, that are used on appropriate distribution. So RkHunter
should not complain on bad hashes. I see two possible reasons of this
problem:
1. RkHunter stores a datab...
|
| 8 |
Forum: Users «»
Posted on: Wed, 09 May 2007 02:20 «»
By: Markus Hardiyanto
Re: error from RkHunter and ChkRootKit
i tried to install force util-linux rpm, the installation is succeeded. then i run rkhunter again, but still get the same error on this files:
> /bin/kill [ BAD ]
> /sbin/insmod [ BAD ]
> /sbin/lsmod [ BAD ]
> /sbin/modprobe [ BAD ]
> /...
|
| 9 |
Forum: Users «»
Posted on: Tue, 08 May 2007 14:40 «»
By: Gregor Mosheh
Re: error from RkHunter and ChkRootKit
> Markus Hardiyanto <informatics2k1@yahoo.com> writes:
>> I install RkHunter and ChkRootKit inside VE.
>> Performing 'known good' check...
>> /bin/kill [ BAD ]
(etc)
> Yes and no -- those are modified from the standard pa...
|
| 10 |
Forum: Users «»
Posted on: Tue, 08 May 2007 12:12 «»
By: Daniel Pittman
Re: error from RkHunter and ChkRootKit
Markus Hardiyanto <informatics2k1@yahoo.com> writes:
> I install RkHunter and ChkRootKit inside VE. the VE is using Centos
> 4.4 minimal installation. i download the Centos image from the list on
> OpenVZ Wiki. here is the error that i...
|
| 11 |
Forum: Users «»
Posted on: Tue, 08 May 2007 02:40 «»
By: Markus Hardiyanto
error from RkHunter and ChkRootKit
I install RkHunter and ChkRootKit inside VE. the VE is using Centos 4.4 minimal installation. i download the Centos image from the list on OpenVZ Wiki.
here is the error that i got:
from RkHunter:
Performing 'known good' check...
/bin/kill [ BAD ]
/sbin...
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home