I'm running centos and just got this email today. Can someone shed some light on this or tell me what I should do about it?
subj: Cron <root@hostname> /root/chkrootkit.sh | grep -v .packlist
/proc/31394/fd: No such file or directory
/proc/31395/fd: No such file or directory
/usr/lib/php/.registry /usr/lib/php/.registry/.channel.pecl.php.net /usr/lib/php/.registry/.channel.__uri /usr/lib/php/.channels /usr/lib/php/.channels/.alias INFECTED (PORTS: 465)
You have 2 process hidden for readdir command
You have 2 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed The tty of the following user process(es) were not found in /var/run/utmp !
! RUID PID TTY CMD
! root 10451 pts/1 /bin/bash