>
>
>>
>>> Sep 15 10:39:53 comp automount[15138]: >> mount:
>>> server:/home/.hidden failed, reason given by server: Permission denied
>>> Sep 15 10:39:53 comp automount[15138]: mount(nfs): nfs: mount
>>> failure server:/home/.hidden on /home/.hidden
>>> Sep 15 10:39:53 comp automount[15138]: failed to mount /home/.hidden
>>>
>>> What is /home/.hidden? Why can't it be mounted? And, can I simply
>>> delete it?
>>> Basically, what is this error from and how can I stop it from
>>> occurring?
>>>
>>> Thanks in advance for any help.
>>
>> The name of the directory ".hidden" implies evil intent. See if you
>> can find a check root kit package for
>> Centos. Lock down your machine right away and start looking for
>> modified RPMs.
>
I used rkhunter to check for what evil might be going on. The only
thing it listed were 2 vulnerable apps that seem to just be "Old or
patched version" (OpenSSL 0.9.7a and PHP 4.3.9). This doesn't seem like
the problem (am I wrong?).
I realize that this is a basic question, but I'm a bit of a newbie. How
do I go about looking for modified RPMs?
Thanks!
