Root kit for ubuntu
John Bowden
j-alan at btconnect.com
Wed Feb 6 22:54:46 UTC 2008
On Wednesday 06 February 2008 10:20:21 Kenneth P. Turvey wrote:
> I just had a message pop up indicating that I needed to reboot my system
> due to a security update. This happened without my actually installing
> any updates at all. I was just using my computer as usual.
>
> After looking around a bit, I noticed that my grub directory had been
> updated. Then when I stat'ed my running kernel, this is what I got:
>
>
>
> kt at searay:/boot$ stat vmlinuz-2.6.20-16-generic
> File: `vmlinuz-2.6.20-16-generic'
> Size: 1747596 Blocks: 3424 IO Block: 4096 regular file
> Device: 801h/2049d Inode: 3063809 Links: 1
> Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
> Access: 2008-02-06 03:29:06.000000000 -0600
> Modify: 2008-01-31 21:43:04.000000000 -0600
> Change: 2008-02-06 03:29:48.000000000 -0600
>
>
> This is the second time I've had a problem like this since installing
> Ubuntu. Is there a widely available root kit for it? I would like to
> stick with Ubuntu, but this is getting annoying.
>
> --
> Kenneth P. Turvey <kt-usenet at squeakydolphin.com>
You will also need to reinstall as you won't know what else on your system has
been compromised. The root kit needs to be installed on a fresh install or a
known good backup.
If you think some one is getting into your systems and you have a spare
machine you might want to set up a honey trap.
john
--
Guy Fawkes, the only man to enter the house's of Parliament
with honest intentions, (he was going to blow them up!)
Registered Linux user number 414240
More information about the ubuntu-users
mailing list