[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 271
  • Last Modified:

read only /bin

Ok. I had a rootkit on a debian sarge.

it set /bin readonly so i cannot substitute infected binaries

how do i setattr /bin (and /sbin) other than formatting?
0
illu666
Asked:
illu666
1 Solution
 
SirGeeksCommented:
You could try running chattr -R -i /bin/* and see if that removes the immutable flag.
0
 
illu666Author Commented:
it worked: i had to set the directory attributes too. (and give a "-a" too to overwrite infected files)

thank you!
0

Featured Post

Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now