On 29/11/24 04:37, Jeffrey Walton
wrote:
I've run chkrootkit and it said there were no issues, but rkhunter has reported two suspect files, being /usr/bin/egrep and /usr/bin/fgrep because it has said they have been replaced by a script, is that standard Fedora?On Thu, Nov 28, 2024 at 12:25 PM home user via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote:(f-40, stand-alone workstation, gnome) A few times in the past couple of months, I've received the following warning from "chkrootkit": - - - - - - bash.1[~]: chkrootkit ROOTDIR is `/' Checking `amd'... not found [snip] Checking `bindshell'... not infected Checking `lkm'... You have 1 process hidden for ps command chkproc: Warning: Possible LKM Trojan installed chkdirs: nothing detected Checking `rexedcs'... not found [snip] Checking `OSX_RSPLUG'... not tested bash.2[~]: - - - - - - Leading and trailing lines are merely context. "rkhunter" gives no warnings. What's going on with that lkm warning?Do you really need us to google it for you?
regards,
Steve
Attachment:
OpenPGP_0x1EBE7C07B0F7242C.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
-- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue