
LKM Trojan



While exploring the workings of my OS weekend before last, I managed to break
Shorewall (Shoreline Firewall) and I surfed unprotected for a couple of daze
before I was able to fix it.  I ran chkrootkit this last weekend, which reported
that I had four hidden processes and might have picked up the LKM trojan.  For
lack of a better plan, I reformatted my root partition and rebuilt from the
ground up.  :-(

What, in plain English, is a trojan?

Was there a simpler alternative than wiping the drive and rebuilding?

Am I correct in assuming that wiping / was sufficient and that there was no
danger in retaining /home?

I'm starting to wonder if purchasing a firewall appliance might be a good idea.
 I've been quite pleased with Shorewall the last couple of years.  The only
concern is that the Debian installer downloads lots of packages from the
internet, and Shorewall doesn't want to work with the stock Debian Sarge kernel.
 So, there is no way to install Debian without surfing unprotected for a couple
of hours.  :-(   Comments? Recommendations?

-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.