DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 6th June 2009
MetalHead MetalHead is offline
Port Guard
 
Join Date: Sep 2008
Posts: 24
Default Root Kit Or False Positive?

Hi!

chkrootkit is showing:
Searching for t0rn's v8 defaults... Possible t0rn v8 \(or variation\) rootkit in
stalled

I ran rkhunter and it found nothing..

Confused...

TIA.
Reply With Quote
  #2   (View Single Post)  
Old 6th June 2009
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

Quote:
Originally Posted by MetalHead View Post
Hi!

chkrootkit is showing:
Searching for t0rn's v8 defaults... Possible t0rn v8 \(or variation\) rootkit in
stalled

I ran rkhunter and it found nothing..

Confused...

TIA.
This is a very funny post. You are confused about what? That couple idiotic tools which are not supposed to work anyway do not work in reality. How about you now buy a new HDD take the one with rootkit out and cut into the peaces. Then properly configure your server or desktop. You can start by reading the thread.

http://forums.freebsd.org/showthread.php?t=4089
Reply With Quote
  #3   (View Single Post)  
Old 6th June 2009
rtwingfield rtwingfield is offline
Real Name: Ron Wingfield
Port Guard
 
Join Date: Oct 2008
Location: Little Rock, AR USA
Posts: 36
Default A good read on WikipediA

FYI, http://en.wikipedia.org/wiki/Rootkit

. . .I'm just learning about this rootkit thing, too.


OTTF,
RW
Reply With Quote
  #4   (View Single Post)  
Old 7th June 2009
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Default

Just keep your system locked up tighter then a ticks ass, and you will not have to much to fear. (Natural disasters, fate, acts of GOD and dog aside)
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote
  #5   (View Single Post)  
Old 7th June 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

The root kit checkers available for FreeBSD tend to give out false alarms, e.g. for the FreeBSD date command.

Although from six years ago see http://www.onlamp.com/pub/a/bsd/2003...SD_Basics.html.
If you are afraid your machine has been compromised, reinstall and use one of these system integrity tools.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ZFS root and linproc 7.2-RC1 wnsi FreeBSD Installation and Upgrading 0 20th April 2009 06:54 PM
ssh root Nk2Network OpenBSD Security 22 8th April 2009 06:59 PM
NTOP as root sniper007 FreeBSD Security 0 27th January 2009 07:42 PM
Wheel Can't su root MetalHead OpenBSD General 2 22nd November 2008 12:44 AM
root mail sheriff26 FreeBSD General 5 2nd July 2008 04:56 PM


All times are GMT. The time now is 05:44 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick