[clenny]

Me again guys, I've been looking at a few manuals and things. So I'm going through the file system and learning how it's organized when I come across a folder named "chkrootkit". Now I've heard nothing but bad things about rootkits so I'm thinking this shouldn't be there. Am I right? Anyway, I thought I would post this screenshot before I went and removed it.

[Bartender]

clenny -
Which version of Ubuntu you running? I forgot. I fired up my Dapper 6.06 install, and found no "chkrootkit" file using "Find". I went to Computer, File System, followed it to /etc/cron.daily, and found 11 files, none of them the one you mention.
Your attachment is a little fuzzy right where it counts, but it looks like the very first file is only 5 bytes? Is that right? That's the one you're worried about, isn't it?
I don't see how a file could possibly consist of 5 bytes and still be smart enuf to do anything malicious. I wouldn't delete ANYTHING outside of my home folder that I wasn't absolutely sure about, but let's see if anyone else has anything to say.

[clenny]

I'm running 6.0.6 LTS, that's Dapper, I think. Yeah 5 bytes does seem a bit slim to being to affect any damage but I'd like to hear what others think before I do something that might potentially damage my system. Thanks for your reply.

[Solix]

Hi clenny, I don't currently have access to a ubuntu install, but I suspect that they included the chkrootkit software from the chkrootkit.org website to beef up security on the system now that they are pushing it as a business server distro. By the way it's 577 bytes in size.

[clenny]

Quote:

Originally Posted by Solix

Hi clenny, I don't currently have access to a ubuntu install, but I suspect that they included the chkrootkit software from the chkrootkit.org website to beef up security on the system now that they are pushing it as a business server distro. By the way it's 577 bytes in size.

Well in that case, it's not anything to be too concerned about, and it's good to know that it comes with robust security. Thanks guys.

[prunejuice]

chkrootkit is the installed package that searches for rootkits...

...as in, type sudo chkrootkit in a terminal, and you'll quickly scan your system for rootkits.

[clenny]

Yeah, you're right. I checked around and found this:http://packages.debian.org/stable/misc/chkrootkit. And there are hundreds of references on the web too. I ran the command you suggested in the terminal and am happy to report that my system has a clean bill of health.