Gentoo Forums
virus? attempted hack? help: can't find kmalloc()
fimblo
Guru


Joined: 19 Feb 2003
Posts: 306
Location: European Union, Stockholm

Posted: Fri Aug 22, 2003 8:18 pm    Post subject: virus? attempted hack? help: can't find kmalloc()

Hi all,

I never really turn off my laptop - normally I just put it to sleep. But the other day I actually tried to turn it off, by using the "halt" command.

What I got was something like (excuse me for using explicit language, but this is what it said) :)

Code:
FUCK: cant find kmalloc()


and the system hangs. After smurfing around Google a while, I read about a failed attempted hacking, which resulted in the colourful error message above. They also said to look at /proc/1/exe, where it points, that is...

On a system which halts correctly, it looks like this:
Code:
alux 1 # ls -l /proc/1/exe
lrwxrwxrwx    1 root     root            0 Aug 22 22:16 /proc/1/exe -> /sbin/init


On my erroneous kmalloc laptop it looks like this:
Code:
waoh 1 # ls -l /proc/1/exe
lrwxrwxrwx    1 root     root            0 Aug 22 22:17 /proc/1/exe -> /sbin/initmem


Does anyone know what happened to my laptop?
Did someone try to get into my system (ahem. did they succeed?)
How do I fix it?

help!
_________________
http://blahonga.yanson.org - little geekblog
http://blahona.yanson.org/howtos/livecd - yet another livecd howto
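
One way to script the /proc/1/exe comparison shown in the post above (an added example, not part of the original thread). /proc/1/exe is a kernel-generated link to the binary PID 1 is executing, so the script only reads it; the `EXPECTED_INIT` allow-list and the `PROC_ROOT` test argument are assumptions introduced here.

```shell
#!/bin/sh
# Added example (not from the thread). EXPECTED_INIT is an assumed allow-list
# of legitimate PID 1 binaries; adjust it for your distribution.
EXPECTED_INIT=${EXPECTED_INIT:-"/sbin/init /usr/lib/systemd/systemd /lib/systemd/systemd"}

# classify_init_target TARGET
# Prints ok | deleted | unexpected; exit status is 0 only for ok.
classify_init_target() {
    case $1 in
        # The kernel appends " (deleted)" when the running binary was
        # unlinked or replaced on disk after it started.
        *" (deleted)") echo deleted; return 2 ;;
    esac
    for good in $EXPECTED_INIT; do
        if [ "$1" = "$good" ]; then
            echo ok
            return 0
        fi
    done
    echo unexpected
    return 1
}

# check_pid1 [PROC_ROOT]
# Reads PROC_ROOT/1/exe (default /proc) and reports what PID 1 is running.
# PROC_ROOT exists only so the check can be exercised on a constructed tree.
check_pid1() {
    link="${1:-/proc}/1/exe"
    target=$(readlink "$link") || { echo "unreadable: $link (run as root)"; return 3; }
    verdict=$(classify_init_target "$target") && rc=0 || rc=$?
    echo "$verdict: PID 1 is running $target"
    return "$rc"
}

# Demo on a constructed tree that mirrors the second listing in the post.
demo=$(mktemp -d)
mkdir "$demo/1"
ln -s /sbin/initmem "$demo/1/exe"
check_pid1 "$demo" || echo "exit status $?"
rm -rf "$demo"
# On a live host, as root: check_pid1
```

A match here is only as trustworthy as the running kernel, so also inspect /sbin from trusted boot media for unexpected files such as the `initmem` seen above.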
paradox508
Tux's lil' helper


Joined: 18 Mar 2003
Posts: 79
Location: Chicago, IL

Posted: Tue Aug 26, 2003 6:04 pm

Quote:

On a system which halts correctly, it looks like this:
Code:

alux 1 # ls -l /proc/1/exe
lrwxrwxrwx    1 root     root            0 Aug 22 22:16 /proc/1/exe -> /sbin/init

On my erroneous kmalloc laptop it looks like this:
Code:

waoh 1 # ls -l /proc/1/exe
lrwxrwxrwx    1 root     root            0 Aug 22 22:17 /proc/1/exe -> /sbin/initmem



You might give this a try.

Take a look in /sbin and see if the original script 'init' is still there.
If it is, then remove /proc/1/exe and recreate it:
#ln -s /proc/1/exe /sbin/init

I make no guarantees about this. It's just a recommendation off the top of my head.
I personally have had a compromised system and did some house cleaning, only to find I didn't really trust the system afterwards and was still having some strange behavior, modified configs and such causing problems, so I reinstalled Gentoo.

If your laptop is connected directly to the internet, I highly recommend a firewall.
If you use KDE, Guarddog is a good Qt-based GUI for iptables, along with KMyFirewall.

good luck!

'dox
fimblo
Guru


Joined: 19 Feb 2003
Posts: 306
Location: European Union, Stockholm

Posted: Tue Aug 26, 2003 9:38 pm

Yeah, I've installed a firewall on my laptop, on both my wlan0 and eth0 interfaces (both public IP numbers :) )

Hmm, yeah, I better reinstall my whole system, I don't really trust it...

Thanks for the tips :)

/fimblo
_________________
http://blahonga.yanson.org - little geekblog
http://blahona.yanson.org/howtos/livecd - yet another livecd howto
All times are GMT