Results 1 to 9 of 9

Thread: Redhat question

  1. #1

    Redhat question

    /bin/ls: unrecognized prefix: do
    /bin/ls: unparsable value for LS_COLORS environment variable

    I get this everytime I do an ls

    The directory still lists, but that preceeds it.

    Any idea what causes this? It just started the other day

  2. #2
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    You are infected with the t0rn rootkit. I suggest hiring someone good with security that knows how to remove it or get a os reinstall. The os reinstall would be better
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  3. #3
    ewwwww

    really?

    Anywhere I can find info on this?

  4. #4
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    http://www.webhostingtalk.com/showth...hreadid=247248

    http://www.webhostingtalk.com/showth...hreadid=247298

    but be warned if you dont know what you are doing you might not get it all
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  5. #5
    thanks for the info

  6. #6
    Checking `login'... INFECTED
    Checking `pstree'... INFECTED


    chkrootkit seems to come up clean except for these two files

    I've followed the instructions in the other posts and removed all the crap. Any suggestions?

  7. #7
    as well, my syslog seems to be giving me grief

    syslogd dead but pid file exists
    klogd (pid 7839 6202 5986 3845 3145) is running...

  8. #8
    I can have my OS reloaded... what can I do to prevent this from happening again??

  9. #9
    one last question while I'm at it

    Is it safe to say that users home directories are safe to backup and restore when my os reload is complete?

    I don't want to carry over any of this crap!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •