Root kit for ubuntu

John Bowden j-alan at
Wed Feb 6 22:54:46 UTC 2008

On Wednesday 06 February 2008 10:20:21 Kenneth P. Turvey wrote:
> I just had a message pop up indicating that I needed to reboot my system
> due to a security update.  This happened without my actually installing
> any updates at all.  I was just using my computer as usual.
> After looking around a bit, I noticed that my grub directory had been
> updated.  Then when I stat'ed my running kernel, this is what I got:
> kt at searay:/boot$ stat vmlinuz-2.6.20-16-generic
>   File: `vmlinuz-2.6.20-16-generic'
>   Size: 1747596         Blocks: 3424       IO Block: 4096   regular file
> Device: 801h/2049d      Inode: 3063809     Links: 1
> Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
> Access: 2008-02-06 03:29:06.000000000 -0600
> Modify: 2008-01-31 21:43:04.000000000 -0600
> Change: 2008-02-06 03:29:48.000000000 -0600
> This is the second time I've had a problem like this since installing
> Ubuntu.  Is there a widely available root kit for it?  I would like to
> stick with Ubuntu, but this is getting annoying.
> --
> Kenneth P. Turvey <kt-usenet at>

You will also need to reinstall as you won't know what else on your system has 
been compromised. The root kit needs to be installed on a fresh install or a 
known good backup.
If you think some one is getting into your systems and you have a spare 
machine you might want to set up a honey trap.

Guy Fawkes, the only man to enter the house's of Parliament
with honest intentions, (he was going to blow them up!)
Registered Linux user number 414240

More information about the ubuntu-users mailing list