When I use rkhunter it always shows two warnings and possible 4 rootkit information:
Checking for suspicious (large) shared memory segments [ Warning ]
Checking for hidden files and directories [ Warning ]
File properties checks...
Files checked: 149
Suspect files: 0
Rootkit checks...
Rootkits checked : 480
Possible rootkits: 4
Applications checks...
All checks skipped
The rest is ok. Using chkrootkit i always get only one alert: tcpd INFECTED. I used:
sudo sha1sum /usr/sbin/tcpd
and the answer was:
9ee346a9400f52e16576db35c310a72af391e199 /usr/sbin/tcpd
I found out that it should be:
cd9cfc19df7f0e4b7f9adfa4fe8c5d74caa53d86 /usr/sbin/tcpd
Is it posible that my system is infected? I have Linux Mint 19 mate.
Asked by Daniel
(1 rep)
Feb 15, 2019, 12:47 AM
Last activity: Feb 15, 2019, 09:53 AM
Last activity: Feb 15, 2019, 09:53 AM