This is the comment you were replying to, attached to the weblog chkrootkit and false positives?


Re: chkrootkit and false positives?
Posted by oxtan (82.93.xx.xx) on Sat 27 Jan 2007 at 12:18
I tried restarting the apcupsd service but I got an 'Oops' from the kernel:

Jan 27 12:55:58 tux apcupsd[20605]: apcupsd exiting, signal 15
Jan 27 12:55:58 tux apcupsd[20605]: apcupsd shutdown succeeded
Jan 27 12:56:01 tux /USR/SBIN/CRON[9363]: (root) CMD (/sbin/adslscript)
Jan 27 12:56:09 tux kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000c45
Jan 27 12:56:09 tux kernel: printing eip:
Jan 27 12:56:09 tux kernel: d4ae55a2
Jan 27 12:56:09 tux kernel: *pde = 00000000
Jan 27 12:56:09 tux kernel: Oops: 0000 [#2]
Jan 27 12:56:09 tux kernel: PREEMPT
Jan 27 12:56:09 tux kernel: Modules linked in: ide_cd cdrom evdev pcspkr floppy snd_ens1371 snd_rawmidi snd_seq_device snd_pcm snd_page_alloc snd_timer snd_ac97_codec es1371 gameport ac97_codec aic79xx uhci_hcd pci_hotplug intel_agp agpgart usbhid nfsd exportfs lockd sunrpc sch_htb sch_ingress cls_fw cls_u32 sch_sfq sch_cbq ppp_deflate zlib_deflate bsd_comp ppp_synctty ppp_generic slhc ipt_REDIRECT ipt_REJECT ipt_recent ipt_length ipt_TOS iptable_mangle usbcore parport_pc lp autofs4 ipv6 genrtc snd_mixer_oss snd soundcore dm_mod capability commoncap 3c59x ipt_conntrack ipt_ULOG aic7xxx st tun loop ip_nat_irc ip_conntrack_irc ip_nat_ftp ip_conntrack_ftp parport ipt_mark ipt_state iptable_filter ipt_MARK ipt_MASQUERADE iptable_nat ip_conntrack ipt_LOG ip_tables af_packet ext3 jbd mbcache ide_generic piix ide_disk ide_core sd_mod ata_piix libata scsi_mod unix font vesafb cfbcopyarea cfbimgblt cfbfillrect
Jan 27 12:56:09 tux kernel: CPU: 0
Jan 27 12:56:09 tux kernel: EIP: 0060:[<d4ae55a2>] Not tainted
Jan 27 12:56:09 tux kernel: EFLAGS: 00010286 (2.6.8-3-686)
Jan 27 12:56:09 tux kernel: EIP is at hiddev_ioctl+0x32/0x920 [usbhid]
Jan 27 12:56:09 tux kernel: eax: cd44acc0 ebx: 00004802 ecx: ca536800 edx: fffffffb
Jan 27 12:56:09 tux kernel: esi: 00000000 edi: 00000001 ebp: 00000000 esp: c189fef0
Jan 27 12:56:09 tux kernel: ds: 007b es: 007b ss: 0068
Jan 27 12:56:09 tux kernel: Process apcupsd (pid: 9370, threadinfo=c189e000 task=d3f1ef30)
Jan 27 12:56:09 tux kernel: Stack: d37d39c0 00000000 c189e000 cc3e3e60 00000000 d4a41a00 c015e392 d339eb54
Jan 27 12:56:09 tux kernel: d37d39c0 00000103 c9d5e32c d37d39c0 d339eb54 d3fbbaa0 d3fbbaa0 c0153cfc
Jan 27 12:56:09 tux kernel: d37d3a08 d339ebec 71d4d9d3 00000102 0808b7f8 cea9e000 c189e000 c0153be8
Jan 27 12:56:09 tux kernel: Call Trace:
Jan 27 12:56:09 tux kernel: [<d4a41a00>] usb_open+0x0/0x1f0 [usbcore]
Jan 27 12:56:09 tux kernel: [<c015e392>] chrdev_open+0xf2/0x220
Jan 27 12:56:09 tux kernel: [<c0153cfc>] dentry_open+0x10c/0x240
Jan 27 12:56:09 tux kernel: [<c0153be8>] filp_open+0x68/0x70
Jan 27 12:56:09 tux kernel: [<c01681cc>] sys_ioctl+0x11c/0x280
Jan 27 12:56:09 tux kernel: [<c010603b>] syscall_call+0x7/0xb
Jan 27 12:56:09 tux kernel: Code: 8b b7 44 0c 00 00 85 c0 74 64 81 fb 01 48 04 80 0f 84 9e 08


Anyway, I power-cycled the machine; all is back to normal and now chkrootkit shows nothing strange.

The UPS is a cheap one, a 500 model, so maybe that is part of the problem.
