Results 1 to 2 of 2
  1. #1
    Join Date
    May 2004
    Location
    Malaysia
    Posts
    178

    chkrootkit - chkutmp detected

    Hi,

    Below is my chkrootkit-0.47 result

    Checking `chkutmp'... The tty of the following user process(es) were not found
    in /var/run/utmp !
    ! RUID PID TTY CMD
    ! root 4391 tty6 /sbin/mingetty tty6
    chkutmp: nothing deleted

    What is the problem and how to solve it.

  2. #2
    Join Date
    May 2006
    Location
    Teh Interweb
    Posts
    314
    Your datacenter may be running a "stealth login" on tty6 so that if you put in a ticket they do not have to ask you for your password. This can be done with the openvt command. In your case:

    Code:
    openvt -c6 /bin/bash
    If you do not actually login an entry will never be made in utmp. You should check with your provider.

    If you wanted to kill this, you could always kill the PID. In this case: 4391

    [[email protected]] ~ $ cat .signature
    cat: .signature: No such file or directory

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •