Warning: Possible LKM Trojan installed...

[okram]

Kun ajoin chkrootkitilläniin yhdessä kohtaa lukee seuraavaa:

...Checking `lkm'... You have     1 process hidden for readdir command
You have     1 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed...

Onko mulla joku troijalainen pesiytynyt vai voiko tuon antaa olla???

 

[okram]

Googlen kautta tällaistakin vaihtoehto infoa löytyy kyllä esim:

"A quick google
search seems to suggest that chkrootkit gives false positives with the LKM
Trojan on some recent systems.  Is this the case here? "

"After a lot of google searching, came across a link to the chkrootkit mailing
list archives.  Apparently in January this year, the developers issued a
patch:

"Hi,

chkrootkit currently fails to recognize threads in Linux kernel 2.6 and
therefore warns about LKM.  Attached patch fixes that problem: under 2.6
the threads are listed in /proc/$pid/task/$tpid.

Juergen"

Applied the patch to chkproc.c, recompiled, ran chkrootkit again and hey
presto, no complaints. 

Thank god.  I was worried about my evil xmms program running rampant in my
system   Who knows what havoc it would have wrecked."

Elikä tuon voi varmaan painaa villaisella-kö???