Fedora Linux Support Community & Resources Center

Home Forums Posting Rules Linux Help Fedora Set-Up Guides Ask Fedora Fedora Project
Go Back   FedoraForum.org > Fedora 17/18 > Using Fedora
Reload this Page Rootkit Problem
FedoraForum Search
Forgot Password? Join Us!
Register All Albums FAQ Search Today's Posts Mark Forums Read

Using Fedora General support for current versions. Ask questions about Fedora and it's software that do not belong in any other forum.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 1st October 2007, 11:49 PM
fedorafan2 Offline
Registered User
  
Join Date: Dec 2005
Posts: 277
Rootkit Problem
I know my system has a rootkit installed on it and I am trying to get rid of it. I tried to use knoppix to run chkrootkit, but when I try to mount hda2 it says
Mount:
I could not determine the filesystem type, and none was specified.

When I run
Code:
mount -t ext2 /dev/hda2 /mnt/hda2
it says:
wrong fs type, bad option, bad superblock on /dev/hda2, missing codepage or other error

Any ideas on how to get it to mount so I can scan it?
Reply With Quote
  #2  
Old 2nd October 2007, 12:20 AM
Zotter's Avatar
Zotter Offline
Registered User
  
Join Date: May 2004
Location: Central Wyoming
Posts: 637
Boot knoppix - at the command line, run:

fdisk -l

what does that say?
__________________
If it ain't broken - you're not really trying....
Registered Linux user #227845
Reply With Quote
  #3  
Old 2nd October 2007, 04:49 AM
fedorafan2 Offline
Registered User
  
Join Date: Dec 2005
Posts: 277
It does nothing (just comes up with a new prompt)

I am able to mount the boot partiton /dev/hda1
Reply With Quote
  #4  
Old 2nd October 2007, 11:31 AM
pete_1967 Offline
Clueless in a Cuckooland
  
Join Date: Mar 2006
Location: Here now, elsewhere tomorrow.
Posts: 3,929
It's probably an LVM volume.

Try
Quote:
# vgscan --mknodes
# vgchange -ay
# lvscan
That should detect and activate all logical volumes.

Then try to mount it with
Code:
# mount /dev/VolGroup00/LogVol00 /mnt
In case you got 2 groups with same name, you need to rename another one with vgrename
Reply With Quote
Reply

Tags
problem, rootkit

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Is this a rootkit jonward0690 Using Fedora 1 11th July 2007 05:36 AM
how to remove LKM rootkit powereds Using Fedora 8 9th July 2005 02:42 AM


Current GMT-time: 05:17 (Sunday, 26-05-2013)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.
Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

 FedoraForum is Powered by RedHat