On Mon, Oct 05, 2009 at 05:09:16PM -0400, Fooo Barrrrrrrr wrote:
> I got this from the rkhunter cron job today ( never seen it before, or the
> files listed):
> Warning: Suspicious file types found in /dev:
> /dev/shm/mono-shared-1000-shared_fileshare-fooooobaarrr.homelinux.org-Linux-i686-36-12-0:
> data
> /dev/shm/mono-shared-1000-shared_data-fooooobarrrr.homelinux.org-Linux-i686-312-12-0:
> data
> /dev/shm/mono.17997: data
>
>
> :/dev/shm# ls -l
> total 8
> -rw-r----- 1 pbc pbc 4096 2009-10-04 13:11 mono.17997
> -rw-r----- 1 pbc pbc 79880 2009-10-04 13:11
> mono-shared-1000-shared_data-foooobarrrrr.homelinux.org-Linux-i686-312-12-0
> -rw-r----- 1 pbc pbc 3686404 2009-10-04 13:11
> mono-shared-1000-shared_fileshare-fooooobarrrr.homelinux.org-Linux-i686-36-12-0
>
>
> should I be worried?
> running lenny, updated..
I would definitely be worried! It's not a worm, not a Trojan, it's not a
rootkit,... it looks like .....you are.... running..... MONO!! ZOMG!!
(File and submitter names obfuscated since this is just a (scary) joke).
--
Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred |
http://inittab.comKey fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
--
To UNSUBSCRIBE, email to
debian-curiosa-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact
listmaster@...
