[prev in list] [next in list] [prev in thread] [next in thread]
List: suse-security
Subject: Re: [opensuse-security] gmonstart / jvregisterclasses in tons of binaries with commands,malware?
From: Marcus Meissner <meissner () suse ! de>
Date: 2009-12-17 15:19:53
Message-ID: 20091217151953.GF4504 () suse ! de
[Download RAW message or body]
On Wed, Dec 16, 2009 at 09:28:54PM -0500, whereislibertyandjustice@Safe-mail.net wrote:
> In linux binaries, in any linux distro, I've discovered the same strings
> which I believe may be due to a virus or trojan.
>
> Yet, clamav, rkhunter, chkrootkit do not detect abnormalities.
>
> Whether I run 'strings' on the binary files or view with vim or gedit, here
> is what is always seen inside the binaries:
>
>
> __gmon_start__
> _Jv_RegisterClasses
These are two expected symbols and are runtime hooks for gmon and the
GNU java runtime. They are supposed to be there and do not constitue a breakin.
Ciao, Marcus
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security+help@opensuse.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic