Welcome to Linux Forums!

With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.

Linux Forum ArticlesLinux ForumsLinux Forum DownloadsLinux Hosts
Home|Register|FAQ|Member List|Calendar|Unanswered Posts|Forum Rules|Today's Posts|Advanced Search|
SEARCH FOR IN
Go Back   Linux Forums > GNU Linux Zone > Linux Security
Reload this Page after I ./chkrootkit, I have nothing except
Linux Forums
Linux Forums
Welcome To The Linux Forums!
Welcome to Linux Forums. We pride ourselves in being one of the largest Linux communities on the web, we encourage you to REGISTER on our forums and participate in the community. There are over 150,000 members ready to answer your questions. JOINING US today will allow you to make new posts, get support, send messages to other members and submit downloads to our downloads directory and many other great features!

Linux Security Discussion about keeping your machines secure, and the crackers out.

Reply
Page 1 of 2 1 2 >
 
Thread Tools Display Modes
Old 07-29-2003   #1 (permalink)
skyfolly
Linux User
 
Join Date: May 2003
Location: Hong Kong, China
Posts: 256
Send a message via ICQ to skyfolly
after I ./chkrootkit, I have nothing except
Code:
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... nothing detected
Checking `rexedcs'... not found
Checking `sniffer'...
eth0 is not promisc
Checking `wted'... nothing deleted
Checking `w55808'... not infected
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'...
??

eth0 is not promise???
__________________
Signature removed by moderator - please see forum rules
skyfolly is offline   Reply With Quote
Old 07-30-2003   #2 (permalink)
genlee
Linux Engineer
 
Join Date: Jan 2003
Location: Lebanon, pa
Posts: 994
Means it is not in promiscious mode which is most commonly used to sniff packets.
genlee is offline   Reply With Quote
Old 07-30-2003   #3 (permalink)
skyfolly
Linux User
 
Join Date: May 2003
Location: Hong Kong, China
Posts: 256
Send a message via ICQ to skyfolly
ha ha ha, i am so dumb, still dun get it, anyway, thanks
__________________
Signature removed by moderator - please see forum rules
skyfolly is offline   Reply With Quote
Old 07-30-2003   #4 (permalink)
Dolda2000
Linux Guru
 
Join Date: Oct 2001
Location: Täby, Sweden
Posts: 7,575
Normally, a NIC will only process packets that were headed for it. For example, if you're using a hub (instead of a switch) to connect your computers, all packets will be sent to all computers, but the NIC will discard all packages that weren't intended for it. Putting it into promiscuous mode means that it will receive all packages, so that you can monitor packets that were sent between other computers in your network.
Dolda2000 is offline   Reply With Quote
Old 07-30-2003   #5 (permalink)
skyfolly
Linux User
 
Join Date: May 2003
Location: Hong Kong, China
Posts: 256
Send a message via ICQ to skyfolly
how do i do it? thanks
__________________
Signature removed by moderator - please see forum rules
skyfolly is offline   Reply With Quote
Old 07-30-2003   #6 (permalink)
Dolda2000
Linux Guru
 
Join Date: Oct 2001
Location: Täby, Sweden
Posts: 7,575
Hmm? Why would you want to?
Dolda2000 is offline   Reply With Quote
Old 07-30-2003   #7 (permalink)
skyfolly
Linux User
 
Join Date: May 2003
Location: Hong Kong, China
Posts: 256
Send a message via ICQ to skyfolly
make eth0 promisc??? he he, nevamind
__________________
Signature removed by moderator - please see forum rules
skyfolly is offline   Reply With Quote
Old 07-30-2003   #8 (permalink)
craig_mcd
Linux Newbie
 
Join Date: Apr 2003
Location: UK, Manchester
Posts: 147
Send a message via AIM to craig_mcd
ifconfig <device> promisc

Normally you dont need to turn enable it as most apps that require promiscuous mode will enable it for you, like tcpdump for example.
craig_mcd is offline   Reply With Quote
Old 07-30-2003   #9 (permalink)
skyfolly
Linux User
 
Join Date: May 2003
Location: Hong Kong, China
Posts: 256
Send a message via ICQ to skyfolly
I see, cheers mate!!!
__________________
Signature removed by moderator - please see forum rules
skyfolly is offline   Reply With Quote
Old 07-30-2003   #10 (permalink)
andutt
Linux Engineer
 
Join Date: Apr 2003
Location: Sweden
Posts: 796
Use the command tcpdump to see all packets that "goes throw" you NIC...in hubbed environments you can for example see username and password in cleartext on hosts that have FTP-servers...can be fun..
__________________
Regards

Andutt
andutt is offline   Reply With Quote
Reply
Page 1 of 2 1 2 >

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




All times are GMT. The time now is 12:52 AM.



Contact Us | Advertise | Archive | Top
© 2000 - 2008 - All Rights Reserved - Property of  MAS Media

Content Relevant URLs by vBSEO 3.0.0