Announcement

Collapse
No announcement yet.

Suspicious activity

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    [PLASMA 5] Suspicious activity

    Anew install of 24.03 ran chkrootkit and I saw this:
    Code:
    Searching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found:
/usr/lib/modules/6.2.0-26-generic/vdso/.build-id
/usr/lib/modules/6.2.0-20-generic/vdso/.build-id
/usr/lib/debug/.build-id
/usr/lib/libreoffice/share/.registry
​
    I don't know what this means. Should I worry?
    Last edited by linelocker; Jul 28, 2023, 04:56 PM.
    Tags: None
    • Top
    • Bottom
    #2
    Short answer: No
    Windows no longer obstructs my view.
    Using Kubuntu Linux since March 23, 2007.
    "It is a capital mistake to theorize before one has data." - Sherlock Holmes
    • Top
    • Bottom

    Comment

      #3
      There is more info here: https://www.chkrootkit.org/
      I stopped going on that rabbit chase years ago.
      The most likely way to acquire malware is by social engineering, and even that is hard. First, YOU have to download it. Then YOU have to add the execute permission. Then YOU have to run it.

      If I download a tar file or deb package from a reliable source it most likely contains a shell script or an executable. I usually open those with Ark and check for executable shell scripts or binaries. I read the scripts and examine the executables with Okteta.

      The binaries in the repository have been checked and if you stick to them you won't have any infections.
      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
      – John F. Kennedy, February 26, 1962.
      • Top
      • Bottom

      Comment

      Previous template Next
      Working...
      X