If you just got your new VPS and you run some rkhunter or chkrootkit, that may give you a lot of false positives. An example:
Checking bindshell... INFECTED (PORTS: 465)
Checking lkm... You have 90 process hidden for readdir command
chkproc: Warning: Possible LKM Trojan installed
You also need to understand that a VPS is a virtual server, so many of the chkrootkit tests that are performed on real machines may fail on your VPS.
For example these binaries may fail the test:
as they are not the default ones that come with the OS, instead they are modified files to work for a virtual server.
So what do you do? If you feel someone has hijacked your VPS (or server) at the root level, open a support ticket and ask support to check it for you.
- 0 Users Found This Useful
If you have cPanel, this is due to incompatiblity between the VPS system and cPanel. The VPS...
Please register your private name servers using the tutorial that applies to your domain...
If you would like to change the OS of your VPS, you need to take a complete backup of any of your...
We recommend enterprise level operating systems such as CentOS. This is because it has the most...
VPS is a virtual private server that gives you a separate process environment not shared by other...