WTF? several anon_inode and /dev/null listings with lsof search
Basil Chupin
blchupin at iinet.net.au
Tue Aug 7 06:56:13 UTC 2012
On 07/08/12 16:41, Patrick Asselman wrote:
> On 2012-08-06 23:12, rabidblogger at Safe-mail.net wrote:
>> $ lsof | grep anon_inode
>> anon_inode
>>
>> $ lsof | grep dev/null
>> /dev/null
>>
>> I find several anon_inodes and over a dozen /dev/null listings, in
>> some listings for each there are several processes which are repeated.
>> I'm expecting this to be a rootkit, but none of the rootkit scanners
>> find anything. Why are these two listings appearing for various
>> processes? I'm not running any virtual machines, emulation, shares,
>> printers, servers, etc. but these listings continue to appear, it
>> doesn't matter what Linux distro I use, these continue to show, even
>> when disconnected from the internet.
>>
>> What are they?
>> Why are they appearing?
>> How can I stop these from running? (if they're bad)
>>
>> I've searched the web and cannot find anything which explains these
>> to my satisfaction.
>
> Can you put the output somewhere for the rest of us to see? It's
> difficult to help you without knowing exactly what you have found...
Good place to put them is:
http://susepaste.org/
where you have section for graphics and another section just for code/text.
BC
--
Using openSUSE 12.2 x86_64 KDE 4.8.4 & kernel 3.5.0-2 on a system with-
AMD FX 8-core 3.6/4.2GHz processor
16GB PC14900/1866MHz Quad Channel Corsair "Vengeance" RAM
Gigabyte AMD3+ m/board; Gigabyte nVidia GTX550Ti 1GB DDR5 GPU
More information about the ubuntu-users
mailing list