Hi,
I have chkrootkit installed which I run regularly. I have a
firewall and I run portsentry and logcheck. I do not leave the
computer online when I am not using the net.
Last night when I close the eth0 interface and ran chkrootkit I
had the following message:
Checking `lkm'... You have 4 process hidden for readdir command
You have 4 process hidden for ps command
Warning: Possible LKM Trojan installed
However, when I reran chkrootkit, this warning was not
triggered. How can I further check if there is a problem?
Thanks.
--
Dominic Mitchell