On 12/1/06, Ralph Angenendt <ra+centos at br-online.de> wrote: > > I'd opt for reinstallation also, as you normall never can really find > out *what* has been changed, if there is/was an active rootkit on that > machine. > > for package in $(rpm -qa); do echo -e "${package}"; rpm -V "${package}"; done > When I run this I get an error message similar to the following for a bunch of the files: prelink: /lib/tls/i486/libdb-4.2.so: at least one of file's dependencies has changed since prelinking I deleted /etc/prelink.cache and manually reran /etc/cron.daily/prelink but I still get the same thing. Anyone have any ideas? I'm pretty I didn't get this problem with rpm -V in the past. Also, this is a Centos4 box yummed up to the latest stuff. Thanks, Kennedy