Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

read only /bin

Posted on 2008-10-17
2
260 Views
Last Modified: 2013-12-06
Ok. I had a rootkit on a debian sarge.

it set /bin readonly so i cannot substitute infected binaries

how do i setattr /bin (and /sbin) other than formatting?
0
Comment
Question by:illu666
2 Comments
 
LVL 2

Accepted Solution

by:
SirGeeks earned 125 total points
ID: 22743462
You could try running chattr -R -i /bin/* and see if that removes the immutable flag.
0
 

Author Closing Comment

by:illu666
ID: 31507188
it worked: i had to set the directory attributes too. (and give a "-a" too to overwrite infected files)

thank you!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question