[plug] GAM SERVER - chkrootkit ?

Lance Duivenbode lduivenb at iinet.net.au
Fri Dec 2 11:02:02 WST 2005

Perhaps a check to see if anything is listening would also be a good idea?

Run 'netstat --listening --tcp --numeric-ports' to get a complete list.

Ranime wrote:

>Googled, read but not understood...  I think I need help....
>Two Questions  here :
>1. My Mandriva 10.2 (LE2005) and 2006 boxes  have two instances of
>KPM shows one for 'root' and one for the 'user' as sleeping.
>trying to 'KILL' is not allowed and they they momentarily show as 
>can someone please let me know what 'GAM SERVER' is used for on 
>Mandriva ? 
>2. Both boxes when checked with 'chkrootkit' show 
>again, googling this appears that this may not be a hacked machine, but 
>a clash between an older chkrootkit 0.43 and the newer kernel 
>can someone please confirm this please ,
>has anyone got a solution if needed , or have seen this before ?
>The  10.2 box has been used for a long while but the 2006 box has only 
>just been created in the last week, the only net connection was for ftp 
>from mirror.pacific for updates
> and the complete contents of 'main media'  
>no web or email etc have been used , and no servers should be running 
>and both machines are behind a nat enabled ADSL and swiched  eth 
>TIA for any useful advise.

More information about the plug mailing list