Debian :: Hidden Processes On Squeeze X86?
Jul 18, 2011
This morning I ran unhide on my Squeeze x86 netbook. The brute force process detection came up with a hidden process. Repeated runs of unhide with the system in various states continued to show the process, but with a different PID each time. (Or maybe it was spawning new processes and killing itself every second or so. A newer version of unhide, which I compile from source, did describe the process as "maybe transient" or somesuch. Anyway, I've run unhide on Squeeze before, and I know that detection of any hidden process is absolutely not normal.) Also, rkhunter found some hidden directories. Of particular note, I think, is /etc/.java, which contains even more hidden stuff. It *might* be system-wide preferences for the JVM, but somehow I doubt it.
So, I have two questions...
1. Do I really have a rootkit or trojan infection? It looks like it, but I want confirmation that I'm not chasing phantoms. (Or that I am, whichever.)
2. If so, how can I prevent a recurrence? FWIW I was running without iptables or any other firewall, but I made sure all my ports were closed; and I did most of my browsing through Chromium, which should have pretty
May 10, 2010
I did some unfortunate dragging I think and now most of my windows which were open before are not there anymore. When I go to processes, I can see that they are still there. E.g. I had a terminal window open and now the window is gone but I can still see a bash process in the list
Jan 13, 2010
I post this to have a memo about how I looked into this problem. You can use this command to check what is hidden.
Code:
/usr/lib/chkrootkit/chkproc -v -p 3 | grep /proc/ | sed 's/.*\(\/proc\/[0-9]*\).*/\1/' | xargs -n1 -I %%% cat %%%/cmdline
If it doesn't output anything, then nothing is hidden currently. This usually means that a process was started between the ps command and the /proc check of chkrootkit. You can check what those command(s) are by running the above in a loop, with high priority.
[Code]...
Does anyone know how to get rid of these false positives while retaining other functionality of chkrootkit?
May 6, 2010
just a general weirdness, but some folders that are in my /home folder don't show up. if i check "show hidden folders", they still don't show up. for all terms and purposes, they are simply not there. however, if i search for them through the search tool, or beagle, they show up as being in my /home folder. so, anyone have any idea how this happened, or how i can remedy this?
Feb 26, 2011
Last time, I changed the icon for the ding-dictionary; it used the gear-wheel symbol before. Then I saw that the hidden directories also used the new icon, and now they are all gone. Did install the old 256.53-NVIDIA-driver last night, but that should not be the reason?
Apr 10, 2011
I am still running the linux-image-2.6.32-5-686 kernel on a computer with squeeze. I installed squeeze on it when it was unstable. I would like to bring it up to the new stable state. Should I do apt-get install linux-image-2.6.32-5-686 or should I apt-get dist-upgrade?
Mar 10, 2011
This really doesn't make sense to me:
Nov 27, 2015
Note the contents of my /etc/apt/sources.list. Only problem is when I run apt-get update there are some 'wheezy' update sources that I must have put in by accident. Where would they be coming from and how do I delete them?
Code:
#
# deb cdrom:[Debian GNU/Linux 8.2.0 _Jessie_ - Official amd64 NETINST Binary-1 20150906-11$
#deb cdrom:[Debian GNU/Linux 8.2.0 _Jessie_ - Official amd64 NETINST Binary-1 20150906-11:$
deb http://ftp.au.debian.org/debian/ jessie main
deb-src http://ftp.au.debian.org/debian/ jessie main
[Code] ....
Jul 9, 2010
Finally took the plunge and decided to give Debian a go, not done so before as feared it would be too complicated. Net install went ok. Used the wiki to get my wireless up and running by copying those commands provided, most of which made no sense (why the separate kernel image for wireless?).
Anyway, seems to have worked, so now to the problem: I can't connect to my wireless network. It's not broadcasting, so configured it manually the way I do in Ubuntu through the net manager; it doesn't connect at all.
May 30, 2011
I have lately been converting all my Ubuntu installs to Debian. Kind of like a revival meeting. Basically I am wiping the ~/.whatever files from the /home partition and saving any that might be handy later. Save any files from the / partition that I might want something from (/var/cache/apt/archives for packages installed, /usr/share/backgrounds and so forth). The last one I am working on is a little different. It is the first (successful) install I ever did, Ubuntu 8.04, and it is ext3 on one partition. I did the above things as on the others but it was all on one partition. Fired up my netinstall disk for squeeze and installed on 2 partitions. One new one for / ext4 and the old partition not formatted, mounted as /home on ext3.
Did a base install with only the system utilities added by the tasksel business at the end of install (like always). Rebooted to that install. Everything seems to work at the basic level. My passwords worked, both for the text user login and then the root password when I ran su so that I could purge nfs-common (it has given me problems on every install for some reason). Came back here to my usual Debian testing install, fired up boinc and then the chroot environment for the new convert. Installed gnome-desktop-environment and some other things, all from a list that I have used before in just this manner.
Go back to boot to the new one, everything rolls fine, get the GDM3 login, enter password. "Can't access ICEauthorization". Have to Ctrl+Alt+b out. Back here I check the /home/tom directory for that install and hit Ctrl+H and there are no hidden files. Run "dpkg-reconfigure -a" to no effect. Try adding my user again and that, of course, does not work because the user already exists. One other thing is that if I boot to recovery it does show the message to login or hit Ctrl+D but does not stop with a prompt. Shows a couple other things and stops. Ctrl+Alt+B to get out once and had to unplug once.
Jan 24, 2016
I've been searching and trying to correct this problem for nigh on 12 hours. I would like to note that I know that hidden SSID are not necessarily much more secure. I have no permission to change the settings where I am. I'm running Debian Jessie. I have no way to get the server a connection other than the WiFi dongle I'm using. I have installed the correct WPA_Supplicant and Wireless Tools for my architecture/distro/version. I also have solved a sub-problem I had earlier; that the drivers for my WiFi dongle come with the kernel, but the firmware does not. That was remedied.
I can see my SSID in my iwlist scan. (iwlist scan | grep ESSID). My current /etc/network/interfaces looks like this:
Code:
auto wlan0
iface wlan0 inet dhcp
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
My current /etc/wpa_supplicant/wpa_supplicant.conf looks like this:
Code:
network={
ssid="hundley_1"
psk=HashedPSK
scan_ssid=1
}
The original .conf was created by using wpa_passphrase "hundley_1" PASSWORD > /etc/wpa_supplicant/wpa_supplicant.conf. I know for a fact that the security key is correct. I edited the .conf produced to what it is now.
Using ifup wlan0 and ifdown wlan0 to start and restart the connection yields an error. The gist of the error is:
NO DHCPOFFERS received
Feb 21, 2011
I will be switching to Debian soon and have been forming a large script with a vbox test system to automate my system configuration when I switch.
When I install lamp (or basically its equivalent packages) apache and mysql start up automatically.
I could just use update-rc.d to remove the autostart but whenever there's a security or feature update for the package the files get replaced.
In addition, for some reason the system thinks it's a good idea to autostart half a dozen apache2 processes at the same time, sucking up a good 150Mb ram when not doing anything. (Anyone know why?)
How would I stop my system from doing this? Could I "chmod 000" the /etc/init.d files?
Nov 11, 2015
I need something to monitor and record the activity of the top 5 processes in terms of CPU usage and load average during a specific timespan. I'm having some spikes in the morning and just realized it's not always at the same time, so it's hard to get up and watch the processes with top. I need something that records CPU usage and load average of the processes from 4AM to 9AM (for instance) so I can debug the process that is consuming my CPU and spitting +80 e-mails with monit each day.
Mar 22, 2016
How to log "remaining processes"? How to know their names?
Code:
systemd-shutdown[1]: Sending SIGTERM to remaining processes...
Apr 5, 2011
Does Debian 6 "Squeeze" automatically run boot processes in parallel? If not, how do I configure it to do so? Here is the quote from my /etc/init.d/rc :
# Specify method used to enable concurrent init.d scripts.
# Valid options are 'none' and 'makefile'. Obsolete options
[code]...
Jun 27, 2011
I try to open an application, and it's painfully slow, and i think "this is weird i've had it open just 10 seconds ago and it should be in the cache". the disk is constantly working, so maybe i ran out of ram and it's swapping, so i check: according to 'free -m', about 200m of 2g ram is used (without buffers/cache), but still also 200m of swap is used, although swappiness is set to 1 (low tendency to swap). so this is not normal. also, kswapd0 is eating pretty much cpu (but not 100%). switching to tty1, logging in, and starting iotop takes about a minute. according to iotop, about 8 random processes (could be a browser, could be some daemon) have 99% IO activity (i'm not sure what that means, how can 8 processes take 99% each?). after the first 3 times, i disabled swap by adding swapoff -a to rc.local, but it's still the same, and kswapd is still among the cpu-eaters.
Jun 16, 2011
This might be nothing but when booting a computer directly into the console (tty), and running htop, I expect the list of running processes to be very short, but it turns out I have more than 50 instances of /usr/sbin/console-kit-daemon --no-daemon running (see screenshot below). Is this normal?
Jan 18, 2011
[rant]Ok, I've been ignoring this for a couple of months, but now it's gotten to me and I want to know what's causing it.[/rant] Here's my problem. I have scim 1.4-9 (latest) installed for Japanese input. It works fine. I have no problems with it. However, when I launch Synaptic or update manager a duplicate instance of scim starts. This is on Debian Squeeze. See below:
Fresh reboot:
Code:
scim-bridge 34.2MIB
scim-helper-manager 32.7MIB
scim-launcher x2 47.8MIB, 165.4MIB
scim-panel-gtk 153.2MIB
After launching Synaptic or Update manager:
B signifies before as above
Code:
B scim-bridge 34.2MIB
scim-bridge 34.2MIB
B scim-helper-manager 32.7MIB
scim-helper-manager 32.8MIB
[code].....
It's not a huge deal, because when I close said programs, the duplicate processes stop. I just find it odd because these are the only two programs that seem to cause it. Oh, and I'm using Gnome, if that matters.
Sep 6, 2010
Is there a utility to stop all dispensable processes, giving maximum resources for games?
Feb 19, 2011
How to install Dropbox for Debian Squeeze from source. Please read everything before you begin. I prepared it as I installed Dropbox for my own system. Please Note: I use sudo, you may have to use root or 'su' from the command line. If you don't know the difference between sudo and su, then you shouldn't try this until you know. At the time I did this, the latest dropbox version was 0.6.7.
Aug 18, 2011
Below is the recipe I've used to compile dwm from source on Squeeze
su
apt-get install devscripts debian-keyring
apt-get build-dep dwm
exit
It all seems to work, however debuild gave an error about secret keys. Is this a sensible procedure? What happens in the (probably unlikely) event there is another source patch? I've gone to a tiling window manager as the result of the purchase of a wide screen LCD monitor. I like to have some stuff down the right hand side when running Firefox and OpenOffice in the main panes. Any configuration tricks welcome. Modern screens are the wrong shape!
May 26, 2010
I've just installed debian squeeze version, or the testing one, but I am not really happy with it. It is not listening to me all the time. If I install the debian stable I don't have internet connection. Is it possible to update the kernel somehow using the testing version?
Feb 8, 2011
I installed Debian Squeeze with Gnome today. I'm unable to change from the default icon theme. I can change themes, but the icon theme remains default. Things I've tried:
- I've made a new user account.
- .gtkrc-2.0 in my home is auto-generated, .gtkrc.mine does not exist.
# -- THEME AUTO-WRITTEN DO NOT EDIT
include "/usr/share/themes/Darklooks/gtk-2.0/gtkrc"
include "/home/haunted/.gtkrc.mine"
# -- THEME AUTO-WRITTEN DO NOT EDIT
- I've tried installing a theme into my /home/.themes.
- I've reinstalled gnome-settings-daemon.
- Tried changing themes then doing a full reboot.
- Cursed it periodically.
Sep 18, 2010
I want to install Debian 5.06 64 bit on squeeze repo. Where can I find its netinstall ISO?
May 29, 2011
I have been trying to install a command line Debian Squeeze system on an Eee PC 701, but have run into a number of problems:
1) All install info I can find assumes that the person wants to install a GUI system of some sort.
2) The Eee PC has a unique 2 MB partition that needs to be preserved, so no guided install.
3) The Eee PC has an SSD instead of an HD. Most postings I have seen recommend an install without a swap partition, but the install (both live and text) seems to choke and despite a fresh formatting of the existing partition, claims to be overwriting existing files.
4) I can understand from the wiki that the Eee PC wireless driver (Atheros) should be included in Squeeze, but when the wireless connection and password is added, the installer claims that the password is not correct, despite me having checked it a number of times.
I hope someone can help me out. I just want to use the Eee PC for low resource stuff done on the cli like using a text based web browser to access the net through a wireless router and to hook it up to an external USB HD and to my stereo, to play my music collection.
Apr 5, 2011
I installed Firestarter firewall on debian Squeeze. Now I note there is a gui available in System->Administration which apparently does not need to be running all the time - it's not set up to start on boot. When I boot I notice the boot message has a line saying "Starting Firestarter firewall .... failed". When I am logged in and type "/etc/init.d/firestarter status" as the Firestarter FAQs say, I get "Firestarter is running... ... (warning)". I can run the gui manually and still same message.
May 11, 2011
I'm just a newbie. I want to try to customize my desktop. I found a website shown linux desktop very greatfull, like this: but I don't know how to start it. Any expert guys, please let me know the guiding for me to start this.
Jun 14, 2011
Found this 'Startup Disk Creator' in Ubuntu, it is useful, how do we get it installed in Debian Squeeze? There's a Unetbootin for Debian, but it pulls in lots of qt stuff, I don't like it.
Aug 22, 2011
I have installed Debian Squeeze 6.0.2.1 amd64 from DVD-1.iso (4.4 GB) and I cannot install Synaptic Package Manager or Wine because they are not in the repos.
[Code]...
Feb 23, 2011
Fresh install of Debian 6.0 (squeeze) and the memory shows 3.8 GB. I have 6 sticks of 2 gb on the board.
Pertinent dmesg lines: AMI BIOS detected: BIOS may corrupt low RAM, working around it.
3083MB HIGHMEM available.
883MB LOWMEM available.
Bios tests 12 gb of ram fine.