AbcLinuxu portal, 8 May 2025 06:48
Please inspect this machine, because it may be infected. Scan log:
[01:00:11] Running Rootkit Hunter version 1.3.4 on 17
[01:00:11]
[01:00:11] Info: Start date is Mon Mar 28 01:00:11 CEST 2016
[01:00:11]
[01:00:11] Checking configuration file and command-line options...
[01:00:11] Info: Detected operating system is 'Linux'
[01:00:11] Info: Uname output is 'Linux 17.225.forpsi.net 2.6.32-042stab088.4 #1 SMP Thu Apr 3 17:41:05 MSK 2014 i686 i686 i386 GNU/Linux'
[01:00:11] Info: Command line is /usr/local/psa/admin/sbin/modules//watchdog/rkhunter -c --configfile /usr/local/psa/etc/modules/watchdog/rkhunter.conf --cronjob --propupd --createlogfile
[01:00:11] Info: Environment shell is /bin/sh; rkhunter is using bash
[01:00:11] Info: Using configuration file '/usr/local/psa/etc/modules/watchdog/rkhunter.conf'
[01:00:11] Info: Installation directory is '/usr/local/psa'
[01:00:11] Info: Using language 'en'
[01:00:11] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/db' as the database directory
[01:00:11] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/rkhunter/scripts' as the support script directory
[01:00:11] Info: Using '/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin /bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec' as the command directories
[01:00:11] Info: Using '/' as the root directory by default
[01:00:11] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/tmp' as the temporary directory
[01:00:11] Info: Emailing warnings to 'XXXXXXXXX' using command '/usr/local/psa/admin/bin/modules/watchdog/send-mail'
[01:00:11] Info: X will be automatically detected
[01:00:12] Info: Found the 'diff' command: /usr/bin/diff
[01:00:12] Info: Found the 'file' command: /usr/bin/file
[01:00:12] Info: Found the 'find' command: /usr/bin/find
[01:00:12] Info: Found the 'ifconfig' command: /sbin/ifconfig
[01:00:12] Info: Found the 'ip' command: /sbin/ip
[01:00:12] Info: Found the 'ldd' command: /usr/bin/ldd
[01:00:12] Info: Found the 'lsattr' command: /usr/bin/lsattr
[01:00:12] Info: Found the 'lsmod' command: /sbin/lsmod
[01:00:12] Info: Found the 'lsof' command: /usr/sbin/lsof
[01:00:12] Info: Found the 'mktemp' command: /bin/mktemp
[01:00:12] Info: Found the 'netstat' command: /bin/netstat
[01:00:12] Info: Found the 'perl' command: /usr/bin/perl
[01:00:12] Info: Found the 'ps' command: /bin/ps
[01:00:12] Info: Found the 'pwd' command: /bin/pwd
[01:00:12] Info: Found the 'readlink' command: /usr/bin/readlink
[01:00:12] Info: Found the 'sort' command: /bin/sort
[01:00:12] Info: Found the 'stat' command: /usr/bin/stat
[01:00:12] Info: Found the 'strings' command: /usr/bin/strings
[01:00:12] Info: Found the 'uniq' command: /usr/bin/uniq
[01:00:12] Info: System is not using prelinking
[01:00:12] Info: Using the '/usr/bin/sha1sum' command for the file hash checks
[01:00:12] Info: The hash function field index is set to 1
[01:00:12] Info: Using package manager 'RPM' to update the file hash values
[01:00:12] Info: Found the 'rpm' command: /bin/rpm
[01:00:12] Info: Using package manager 'RPM' for file property checks
[01:00:12] Info: Found the 'rpm' command: /bin/rpm
[01:00:12] Info: Previous file attributes were stored
[01:00:12] Info: Current file attributes will be stored
[01:00:12] Info: Enabled tests are: all
[01:00:12] Info: Disabled tests are: suspscan hidden_procs deleted_files packet_cap_apps
[01:00:12] Info: All ksyms and kallsyms checks will be skipped - neither file is present on the system.
[01:00:12]
[01:00:12] Info: Starting file properties data update...
[01:00:13] Info: Created temporary file '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/tmp/rkhunter.dat.wFlDnUxLlR'
[01:00:13] Collecting O/S info...
[01:00:13] Info: Found system architecture: i686
[01:00:13] Info: Found release file: /etc/centos-release
[01:00:13] Info: Found O/S name: CentOS release 6.7 (Final)
[01:00:13] Getting file properties...
[01:00:30] Info: Found 42 files in /bin
[01:00:58] Info: Found 53 files in /usr/bin
[01:01:09] Info: Found 18 files in /sbin
[01:01:17] Info: Found 15 files in /usr/sbin
[01:01:17] Info: Found 0 files in /usr/local/bin
[01:01:17] Info: Found 0 files in /usr/local/sbin
[01:01:17] Info: Found 0 files in /usr/libexec
[01:01:17] Info: Found 0 files in /usr/local/libexec
[01:01:17] Info: File created: searched for 151 files, found 128
[01:01:17] Info: New rkhunter.dat file installed in '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/db'
[01:01:17]
[01:01:17] Starting system checks...
[01:01:17]
[01:01:17] Checking system commands...
[01:01:17] Info: Starting test name 'system_commands'
[01:01:17]
[01:01:17] Performing 'strings' command checks
[01:01:17] Info: Starting test name 'strings'
[01:01:18] Scanning for string /usr/sbin/ntpsx [ OK ]
[01:01:18] Scanning for string /usr/lib/.../ls [ OK ]
[01:01:18] Scanning for string /usr/lib/.../netstat [ OK ]
[01:01:18] Scanning for string /usr/lib/.../lsof [ OK ]
[01:01:18] Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg [ OK ]
[01:01:18] Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk [ OK ]
[01:01:18] Scanning for string /usr/lib/.../bkit-ssh/bkit-pw [ OK ]
[01:01:18] Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs [ OK ]
[01:01:18] Scanning for string /usr/lib/.../uconf.inv [ OK ]
[01:01:18] Scanning for string /usr/lib/.../psr [ OK ]
[01:01:18] Scanning for string /usr/lib/.../find [ OK ]
[01:01:18] Scanning for string /usr/lib/.../pstree [ OK ]
[01:01:18] Scanning for string /usr/lib/.../slocate [ OK ]
[01:01:18] Scanning for string /usr/lib/.../du [ OK ]
[01:01:18] Scanning for string /usr/lib/.../top [ OK ]
[01:01:18] Scanning for string /usr/lib/... [ OK ]
[01:01:19] Scanning for string /usr/lib/.../bkit-ssh [ OK ]
[01:01:19] Scanning for string /usr/lib/.bkit- [ OK ]
[01:01:19] Scanning for string /tmp/.bkp [ OK ]
[01:01:19] Scanning for string /tmp/.cinik [ OK ]
[01:01:19] Scanning for string /tmp/.font-unix/.cinik [ OK ]
[01:01:19] Scanning for string /lib/.sso [ OK ]
[01:01:19] Scanning for string /lib/.so [ OK ]
[01:01:19] Scanning for string /var/run/...dica/clean [ OK ]
[01:01:19] Scanning for string /var/run/...dica/xl [ OK ]
[01:01:19] Scanning for string /var/run/...dica/xdr [ OK ]
[01:01:19] Scanning for string /var/run/...dica/psg [ OK ]
[01:01:19] Scanning for string /var/run/...dica/secure [ OK ]
[01:01:19] Scanning for string /var/run/...dica/rdx [ OK ]
[01:01:19] Scanning for string /var/run/...dica/va [ OK ]
[01:01:19] Scanning for string /var/run/...dica/cl.sh [ OK ]
[01:01:19] Scanning for string /usr/bin/.etc [ OK ]
[01:01:19] Scanning for string /usr/lib/.fx/sched_host.2 [ OK ]
[01:01:19] Scanning for string /usr/lib/.fx/random_d.2 [ OK ]
[01:01:20] Scanning for string /usr/lib/.fx/set_pid.2 [ OK ]
[01:01:20] Scanning for string /usr/lib/.fx/cons.saver [ OK ]
[01:01:20] Scanning for string /usr/lib/.fx/adore/adore/adore.ko [ OK ]
[01:01:20] Scanning for string /bin/sysback [ OK ]
[01:01:20] Scanning for string /usr/local/bin/sysback [ OK ]
[01:01:20] Scanning for string /usr/lib/.tbd [ OK ]
[01:01:20] Scanning for string /dev/.lib/lib/lib/t0rns [ OK ]
[01:01:20] Scanning for string /dev/.lib/lib/lib/du [ OK ]
[01:01:20] Scanning for string /dev/.lib/lib/lib/ls [ OK ]
[01:01:20] Scanning for string /dev/.lib/lib/lib/t0rnsb [ OK ]
[01:01:20] Scanning for string /dev/.lib/lib/lib/ps [ OK ]
[01:01:20] Scanning for string /dev/.lib/lib/lib/t0rnp [ OK ]
[01:01:20] Scanning for string /dev/.lib/lib/lib/find [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/ifconfig [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/pg [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/ssh.tgz [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/top [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/sz [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/login [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/in.fingerd [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/1i0n.sh [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/pstree [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/in.telnetd [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/mjy [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/sush [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/tfn [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/name [ OK ]
[01:01:21] Scanning for string /dev/.lib/lib/lib/getip.sh [ OK ]
[01:01:21] Scanning for string /usr/info/.torn/sh* [ OK ]
[01:01:21] Scanning for string /usr/src/.puta/.1addr [ OK ]
[01:01:21] Scanning for string /usr/src/.puta/.1file [ OK ]
[01:01:22] Scanning for string /usr/src/.puta/.1proc [ OK ]
[01:01:22] Scanning for string /usr/src/.puta/.1logz [ OK ]
[01:01:22] Scanning for string /usr/info/.t0rn [ OK ]
[01:01:22] Scanning for string /dev/.lib [ OK ]
[01:01:22] Scanning for string /dev/.lib/lib [ OK ]
[01:01:22] Scanning for string /dev/.lib/lib/lib [ OK ]
[01:01:22] Scanning for string /dev/.lib/lib/lib/dev [ OK ]
[01:01:22] Scanning for string /dev/.lib/lib/scan [ OK ]
[01:01:22] Scanning for string /usr/src/.puta [ OK ]
[01:01:22] Scanning for string /usr/man/man1/man1 [ OK ]
[01:01:22] Scanning for string /usr/man/man1/man1/lib [ OK ]
[01:01:22] Scanning for string /usr/man/man1/man1/lib/.lib [ OK ]
[01:01:22] Scanning for string /usr/man/man1/man1/lib/.lib/.backup [ OK ]
[01:01:22]
[01:01:22] Performing 'shared libraries' checks
[01:01:22] Info: Starting test name 'shared_libs'
[01:01:22] Checking for preloading variables [ None found ]
[01:01:22] Checking for preload file [ Not found ]
[01:01:23] Info: Starting test name 'shared_libs_path'
[01:01:23] Checking LD_LIBRARY_PATH variable [ Not found ]
[01:01:23]
[01:01:23] Performing file properties checks
[01:01:23] Info: Starting test name 'properties'
[01:01:23] Warning: Checking for prerequisites [ Warning ]
[01:01:23] All file hash checks will be skipped because:
[01:01:23] The current hash function (/usr/bin/sha1sum) or package manager (RPM) is incompatible with the hash function (Unset) or package manager (Unset) used to store the values.
[01:01:24] /bin/awk [ OK ]
[01:01:26] /bin/basename [ OK ]
[01:01:27] /bin/bash [ OK ]
[01:01:29] /bin/cat [ OK ]
[01:01:29] /bin/chmod [ OK ]
[01:01:30] /bin/chown [ OK ]
[01:01:31] /bin/cp [ OK ]
[01:01:33] /bin/csh [ OK ]
[01:01:34] /bin/cut [ OK ]
[01:01:35] /bin/date [ OK ]
[01:01:37] /bin/df [ OK ]
[01:01:39] /bin/dmesg [ OK ]
[01:01:39] /bin/echo [ OK ]
[01:01:41] /bin/ed [ OK ]
[01:01:42] /bin/egrep [ OK ]
[01:01:42] Info: Found file '/bin/egrep': it is whitelisted for the 'script replacement' check.
[01:01:44] /bin/env [ OK ]
[01:01:45] /bin/fgrep [ OK ]
[01:01:45] Info: Found file '/bin/fgrep': it is whitelisted for the 'script replacement' check.
[01:01:47] /bin/find [ OK ]
[01:01:49] /bin/grep [ OK ]
[01:01:50] /bin/kill [ OK ]
[01:01:51] /bin/logger [ OK ]
[01:01:53] /bin/login [ OK ]
[01:01:54] /bin/ls [ OK ]
[01:01:55] /bin/mail [ OK ]
[01:01:56] /bin/mktemp [ OK ]
[01:01:57] /bin/more [ OK ]
[01:01:58] /bin/mount [ OK ]
[01:01:59] /bin/mv [ OK ]
[01:02:01] /bin/netstat [ OK ]
[01:02:03] /bin/ps [ OK ]
[01:02:04] /bin/pwd [ OK ]
[01:02:05] /bin/readlink [ OK ]
[01:02:07] /bin/rpm [ OK ]
[01:02:09] /bin/sed [ OK ]
[01:02:10] /bin/sh [ OK ]
[01:02:11] /bin/sort [ OK ]
[01:02:12] /bin/su [ OK ]
[01:02:13] /bin/touch [ OK ]
[01:02:14] /bin/uname [ OK ]
[01:02:15] /bin/gawk [ OK ]
[01:02:16] /bin/tcsh [ OK ]
[01:02:16] /bin/mailx [ OK ]
[01:02:17] /usr/bin/awk [ OK ]
[01:02:18] /usr/bin/chattr [ OK ]
[01:02:19] /usr/bin/curl [ OK ]
[01:02:20] /usr/bin/cut [ OK ]
[01:02:21] /usr/bin/diff [ OK ]
[01:02:22] /usr/bin/dirname [ OK ]
[01:02:22] /usr/bin/du [ OK ]
[01:02:23] /usr/bin/env [ OK ]
[01:02:24] /usr/bin/file [ OK ]
[01:02:25] /usr/bin/find [ OK ]
[01:02:26] /usr/bin/GET [ Warning ]
[01:02:26] Warning: The command '/usr/bin/GET' has been replaced by a script: /usr/bin/GET: a /usr/bin/perl -w script text executable
[01:02:26] /usr/bin/groups [ OK ]
[01:02:26] Info: Found file '/usr/bin/groups': it is whitelisted for the 'script replacement' check.
[01:02:27] /usr/bin/head [ OK ]
[01:02:28] /usr/bin/id [ OK ]
[01:02:28] /usr/bin/kill [ OK ]
[01:02:29] /usr/bin/killall [ OK ]
[01:02:30] /usr/bin/last [ OK ]
[01:02:31] /usr/bin/lastlog [ OK ]
[01:02:32] /usr/bin/ldd [ OK ]
[01:02:32] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
[01:02:33] /usr/bin/less [ OK ]
[01:02:34] /usr/bin/locate [ OK ]
[01:02:35] /usr/bin/logger [ OK ]
[01:02:36] /usr/bin/lsattr [ OK ]
[01:02:37] /usr/bin/lynx [ OK ]
[01:02:37] /usr/bin/md5sum [ OK ]
[01:02:38] /usr/bin/newgrp [ OK ]
[01:02:39] /usr/bin/passwd [ OK ]
[01:02:39] Info: Found file '/usr/bin/passwd': it is whitelisted for the 'file immutable-bit' check.
[01:02:42] /usr/bin/perl [ OK ]
[01:02:42] /usr/bin/pstree [ OK ]
[01:02:43] /usr/bin/readlink [ OK ]
[01:02:44] /usr/bin/runcon [ OK ]
[01:02:44] /usr/bin/sha1sum [ OK ]
[01:02:45] /usr/bin/size [ OK ]
[01:02:46] /usr/bin/stat [ OK ]
[01:02:47] /usr/bin/strings [ OK ]
[01:02:48] /usr/bin/sudo [ OK ]
[01:02:49] /usr/bin/tail [ OK ]
[01:02:49] /usr/bin/test [ OK ]
[01:02:50] /usr/bin/top [ OK ]
[01:02:51] /usr/bin/tr [ OK ]
[01:02:52] /usr/bin/uniq [ OK ]
[01:02:53] /usr/bin/users [ OK ]
[01:02:54] /usr/bin/vmstat [ OK ]
[01:02:54] /usr/bin/w [ OK ]
[01:02:55] /usr/bin/watch [ OK ]
[01:02:55] /usr/bin/wc [ OK ]
[01:02:56] /usr/bin/wget [ OK ]
[01:02:57] /usr/bin/whatis [ OK ]
[01:02:57] Info: Found file '/usr/bin/whatis': it is whitelisted for the 'script replacement' check.
[01:02:58] /usr/bin/whereis [ OK ]
[01:02:59] /usr/bin/which [ OK ]
[01:03:00] /usr/bin/who [ OK ]
[01:03:01] /usr/bin/whoami [ OK ]
[01:03:02] /usr/bin/gawk [ OK ]
[01:03:03] /sbin/chkconfig [ OK ]
[01:03:04] /sbin/depmod [ OK ]
[01:03:04] /sbin/fuser [ OK ]
[01:03:05] /sbin/ifconfig [ OK ]
[01:03:06] /sbin/ifdown [ Warning ]
[01:03:07] Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
[01:03:08] /sbin/ifup [ Warning ]
[01:03:08] Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable
[01:03:09] /sbin/init [ OK ]
[01:03:09] Info: Found file '/sbin/init': it is whitelisted for the 'file immutable-bit' check.
[01:03:10] /sbin/insmod [ OK ]
[01:03:12] /sbin/ip [ OK ]
[01:03:13] /sbin/lsmod [ OK ]
[01:03:14] /sbin/modinfo [ OK ]
[01:03:15] /sbin/modprobe [ OK ]
[01:03:15] /sbin/nologin [ OK ]
[01:03:16] /sbin/rmmod [ OK ]
[01:03:17] /sbin/rsyslogd [ OK ]
[01:03:17] /sbin/runlevel [ OK ]
[01:03:18] /sbin/sulogin [ OK ]
[01:03:19] /sbin/sysctl [ OK ]
[01:03:19] /usr/sbin/adduser [ OK ]
[01:03:20] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
[01:03:20] /usr/sbin/chroot [ OK ]
[01:03:21] /usr/sbin/groupadd [ OK ]
[01:03:22] /usr/sbin/groupdel [ OK ]
[01:03:22] /usr/sbin/groupmod [ OK ]
[01:03:23] /usr/sbin/grpck [ OK ]
[01:03:24] /usr/sbin/lsof [ OK ]
[01:03:25] /usr/sbin/pwck [ OK ]
[01:03:26] /usr/sbin/sestatus [ OK ]
[01:03:27] /usr/sbin/tcpd [ OK ]
[01:03:27] /usr/sbin/useradd [ OK ]
[01:03:28] /usr/sbin/userdel [ OK ]
[01:03:29] /usr/sbin/usermod [ OK ]
[01:03:29] /usr/sbin/vipw [ OK ]
[01:03:30] /usr/sbin/xinetd [ OK ]
[01:03:35]
[01:03:35] Checking for rootkits...
[01:03:35] Info: Starting test name 'rootkits'
[01:03:35]
[01:03:35] Performing check of known rootkit files and directories
[01:03:35] Info: Starting test name 'known_rkts'
[01:03:35]
[01:03:35] Checking for 55808 Trojan - Variant A...
[01:03:35] Checking for file '/tmp/.../r' [ Not found ]
[01:03:35] Checking for file '/tmp/.../a' [ Not found ]
[01:03:35] 55808 Trojan - Variant A [ Not found ]
[01:03:35]
[01:03:35] Checking for ADM Worm...
[01:03:35] Checking for string 'w0rm' [ Not found ]
[01:03:35] ADM Worm [ Not found ]
[01:03:35]
[01:03:35] Checking for AjaKit Rootkit...
[01:03:35] Checking for file '/dev/tux/.addr' [ Not found ]
[01:03:35] Checking for file '/dev/tux/.proc' [ Not found ]
[01:03:35] Checking for file '/dev/tux/.file' [ Not found ]
[01:03:36] Checking for file '/lib/.libgh-gh/cleaner' [ Not found ]
[01:03:36] Checking for file '/lib/.libgh-gh/Patch/patch' [ Not found ]
[01:03:36] Checking for file '/lib/.libgh-gh/sb0k' [ Not found ]
[01:03:36] Checking for directory '/dev/tux' [ Not found ]
[01:03:36] Checking for directory '/lib/.libgh-gh' [ Not found ]
[01:03:36] AjaKit Rootkit [ Not found ]
[01:03:36]
[01:03:36] Checking for aPa Kit...
[01:03:36] Checking for file '/usr/share/.aPa' [ Not found ]
[01:03:36] aPa Kit [ Not found ]
[01:03:36]
[01:03:36] Checking for Apache Worm...
[01:03:36] Checking for file '/bin/.log' [ Not found ]
[01:03:36] Apache Worm [ Not found ]
[01:03:36]
[01:03:36] Checking for Ambient (ark) Rootkit...
[01:03:36] Checking for file '/usr/lib/.ark?' [ Not found ]
[01:03:36] Checking for file '/dev/ptyxx/.log' [ Not found ]
[01:03:36] Checking for file '/dev/ptyxx/.file' [ Not found ]
[01:03:36] Checking for directory '/dev/ptyxx' [ Not found ]
[01:03:36] Ambient (ark) Rootkit [ Not found ]
[01:03:36]
[01:03:36] Checking for Balaur Rootkit...
[01:03:36] Checking for file '/usr/lib/liblog.o' [ Not found ]
[01:03:37] Checking for directory '/usr/lib/.kinetic' [ Not found ]
[01:03:37] Checking for directory '/usr/lib/.egcs' [ Not found ]
[01:03:37] Checking for directory '/usr/lib/.wormie' [ Not found ]
[01:03:37] Balaur Rootkit [ Not found ]
[01:03:37]
[01:03:37] Checking for BeastKit Rootkit...
[01:03:37] Checking for file '/usr/sbin/arobia' [ Not found ]
[01:03:37] Checking for file '/usr/sbin/idrun' [ Not found ]
[01:03:37] Checking for file '/usr/lib/elm/arobia/elm' [ Not found ]
[01:03:37] Checking for file '/usr/lib/elm/arobia/elm/hk' [ Not found ]
[01:03:37] Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ]
[01:03:37] Checking for file '/usr/lib/elm/arobia/elm/sc' [ Not found ]
[01:03:37] Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ]
[01:03:37] Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ]
[01:03:37] Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ]
[01:03:37] Checking for directory '/lib/ldd.so/bktools' [ Not found ]
[01:03:37] BeastKit Rootkit [ Not found ]
[01:03:37]
[01:03:37] Checking for beX2 Rootkit...
[01:03:37] Checking for directory '/usr/include/bex' [ Not found ]
[01:03:37] beX2 Rootkit [ Not found ]
[01:03:38]
[01:03:38] Checking for BOBKit Rootkit...
[01:03:38] Checking for file '/usr/sbin/ntpsx' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../ls' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../netstat' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../lsof' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../uconf.inv' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../psr' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../find' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../pstree' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../slocate' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../du' [ Not found ]
[01:03:38] Checking for file '/usr/lib/.../top' [ Not found ]
[01:03:38] Checking for directory '/usr/lib/...' [ Not found ]
[01:03:38] Checking for directory '/usr/lib/.../bkit-ssh' [ Not found ]
[01:03:38] Checking for directory '/usr/lib/.bkit-' [ Not found ]
[01:03:38] Checking for directory '/tmp/.bkp' [ Not found ]
[01:03:39] BOBKit Rootkit [ Not found ]
[01:03:39]
[01:03:39] Checking for CiNIK Worm (Slapper.B variant)...
[01:03:39] Checking for file '/tmp/.cinik' [ Not found ]
[01:03:39] Checking for directory '/tmp/.font-unix/.cinik' [ Not found ]
[01:03:39] CiNIK Worm (Slapper.B variant) [ Not found ]
[01:03:39]
[01:03:39] Checking for Danny-Boy's Abuse Kit...
[01:03:39] Checking for file '/dev/mdev' [ Not found ]
[01:03:39] Checking for file '/usr/lib/libX.a' [ Not found ]
[01:03:39] Danny-Boy's Abuse Kit [ Not found ]
[01:03:39]
[01:03:39] Checking for Devil RootKit...
[01:03:39] Checking for file '/var/lib/games/.src' [ Not found ]
[01:03:39] Checking for file '/dev/dsx' [ Not found ]
[01:03:39] Checking for file '/dev/caca' [ Not found ]
[01:03:39] Devil RootKit [ Not found ]
[01:03:39]
[01:03:39] Checking for Dica-Kit Rootkit...
[01:03:39] Checking for file '/lib/.sso' [ Not found ]
[01:03:39] Checking for file '/lib/.so' [ Not found ]
[01:03:39] Checking for file '/var/run/...dica/clean' [ Not found ]
[01:03:39] Checking for file '/var/run/...dica/xl' [ Not found ]
[01:03:39] Checking for file '/var/run/...dica/xdr' [ Not found ]
[01:03:39] Checking for file '/var/run/...dica/psg' [ Not found ]
[01:03:40] Checking for file '/var/run/...dica/secure' [ Not found ]
[01:03:40] Checking for file '/var/run/...dica/rdx' [ Not found ]
[01:03:40] Checking for file '/var/run/...dica/va' [ Not found ]
[01:03:40] Checking for file '/var/run/...dica/cl.sh' [ Not found ]
[01:03:40] Checking for file '/usr/bin/.etc' [ Not found ]
[01:03:40] Checking for directory '/var/run/...dica' [ Not found ]
[01:03:40] Checking for directory '/var/run/...dica/mh' [ Not found ]
[01:03:40] Checking for directory '/var/run/...dica/scan' [ Not found ]
[01:03:40] Dica-Kit Rootkit [ Not found ]
[01:03:40]
[01:03:40] Checking for Dreams Rootkit...
[01:03:40] Checking for file '/dev/ttyoa' [ Not found ]
[01:03:40] Checking for file '/dev/ttyof' [ Not found ]
[01:03:40] Checking for file '/dev/ttyop' [ Not found ]
[01:03:40] Checking for file '/usr/bin/sense' [ Not found ]
[01:03:40] Checking for file '/usr/bin/sl2' [ Not found ]
[01:03:40] Checking for file '/usr/bin/logclear' [ Not found ]
[01:03:40] Checking for file '/usr/bin/(swapd)' [ Not found ]
[01:03:40] Checking for file '/usr/bin/snfs' [ Not found ]
[01:03:41] Checking for file '/usr/lib/libsss' [ Not found ]
[01:03:41] Checking for directory '/dev/ida/.hpd' [ Not found ]
[01:03:41] Dreams Rootkit [ Not found ]
[01:03:41]
[01:03:41] Checking for Duarawkz Rootkit...
[01:03:41] Checking for file '/usr/bin/duarawkz/loginpass' [ Not found ]
[01:03:41] Checking for directory '/usr/bin/duarawkz' [ Not found ]
[01:03:41] Duarawkz Rootkit [ Not found ]
[01:03:41]
[01:03:41] Checking for Enye LKM...
[01:03:41] Checking for file '/etc/.enyelkmHIDE^IT.ko' [ Not found ]
[01:03:41] Enye LKM [ Not found ]
[01:03:41]
[01:03:41] Checking for Flea Linux Rootkit...
[01:03:41] Checking for file '/etc/ld.so.hash' [ Not found ]
[01:03:41] Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ]
[01:03:41] Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ]
[01:03:41] Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ]
[01:03:41] Checking for file '/usr/bin/ssh2d' [ Not found ]
[01:03:41] Checking for file '/usr/lib/ldlibns.so' [ Not found ]
[01:03:41] Checking for file '/usr/lib/ldlibpst.so' [ Not found ]
[01:03:41] Checking for file '/usr/lib/ldlibdu.so' [ Not found ]
[01:03:41] Checking for file '/usr/lib/ldlibct.so' [ Not found ]
[01:03:41] Checking for directory '/lib/security/.config/ssh' [ Not found ]
[01:03:42] Checking for directory '/dev/..0' [ Not found ]
[01:03:42] Checking for directory '/dev/..0/backup' [ Not found ]
[01:03:42] Flea Linux Rootkit [ Not found ]
[01:03:42]
[01:03:42] Checking for FreeBSD Rootkit...
[01:03:42] Checking for file '/usr/lib/.fx/sched_host.2' [ Not found ]
[01:03:42] Checking for file '/usr/lib/.fx/random_d.2' [ Not found ]
[01:03:42] Checking for file '/usr/lib/.fx/set_pid.2' [ Not found ]
[01:03:42] Checking for file '/usr/lib/.fx/cons.saver' [ Not found ]
[01:03:42] Checking for file '/usr/lib/.fx/adore/adore/adore.ko' [ Not found ]
[01:03:42] Checking for file '/bin/sysback' [ Not found ]
[01:03:42] Checking for file '/usr/local/bin/sysback' [ Not found ]
[01:03:42] Checking for directory '/usr/lib/.fx' [ Not found ]
[01:03:42] Checking for directory '/usr/lib/.fx/adore' [ Not found ]
[01:03:42] FreeBSD Rootkit [ Not found ]
[01:03:42]
[01:03:42] Checking for Fuck`it Rootkit...
[01:03:42] Checking for file '/dev/proc/fuckit/hax0r' [ Not found ]
[01:03:42] Checking for file '/dev/proc/fuckit/hax0rshell' [ Not found ]
[01:03:42] Checking for file '/dev/proc/fuckit/config/lports' [ Not found ]
[01:03:43] Checking for file '/dev/proc/fuckit/config/rports' [ Not found ]
[01:03:43] Checking for file '/dev/proc/fuckit/config/rkconf' [ Not found ]
[01:03:43] Checking for file '/dev/proc/fuckit/config/password' [ Not found ]
[01:03:43] Checking for file '/dev/proc/fuckit/config/progs' [ Not found ]
[01:03:43] Checking for file '/dev/proc/system-bins/init' [ Not found ]
[01:03:43] Fuck`it Rootkit [ Not found ]
[01:03:43]
[01:03:43] Checking for GasKit Rootkit...
[01:03:43] Checking for file '/dev/dev/gaskit/sshd/sshdd' [ Not found ]
[01:03:43] Checking for directory '/dev/dev' [ Not found ]
[01:03:43] Checking for directory '/dev/dev/gaskit' [ Not found ]
[01:03:43] Checking for directory '/dev/dev/gaskit/sshd' [ Not found ]
[01:03:43] GasKit Rootkit [ Not found ]
[01:03:43]
[01:03:43] Checking for Heroin LKM...
[01:03:43] Checking for kernel symbol 'heroin' [ Skipped ]
[01:03:43] Heroin LKM [ Not found ]
[01:03:43]
[01:03:43] Checking for HjC Kit...
[01:03:43] Checking for directory '/dev/.hijackerz' [ Not found ]
[01:03:43] HjC Kit [ Not found ]
[01:03:43]
[01:03:43] Checking for ignoKit Rootkit...
[01:03:43] Checking for file '/lib/defs/p' [ Not found ]
[01:03:43] Checking for file '/lib/defs/q' [ Not found ]
[01:03:43] Checking for file '/lib/defs/r' [ Not found ]
[01:03:44] Checking for file '/lib/defs/s' [ Not found ]
[01:03:44] Checking for file '/lib/defs/t' [ Not found ]
[01:03:44] Checking for file '/usr/lib/defs/p' [ Not found ]
[01:03:44] Checking for file '/usr/lib/defs/q' [ Not found ]
[01:03:44] Checking for file '/usr/lib/defs/r' [ Not found ]
[01:03:44] Checking for file '/usr/lib/defs/s' [ Not found ]
[01:03:44] Checking for file '/usr/lib/defs/t' [ Not found ]
[01:03:44] Checking for file '/usr/lib/.libigno/pkunsec' [ Not found ]
[01:03:44] Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' [ Not found ]
[01:03:44] Checking for directory '/usr/lib/.libigno' [ Not found ]
[01:03:44] Checking for directory '/usr/lib/.libigno/.igno' [ Not found ]
[01:03:44] ignoKit Rootkit [ Not found ]
[01:03:44]
[01:03:44] Checking for ImperalsS-FBRK Rootkit...
[01:03:44] Checking for directory '/dev/fd/.88' [ Not found ]
[01:03:44] Checking for directory '/dev/fd/.99' [ Not found ]
[01:03:44] ImperalsS-FBRK Rootkit [ Not found ]
[01:03:44]
[01:03:44] Checking for IntoXonia-NG Rootkit...
[01:03:44] Checking for kernel symbol 'funces' [ Skipped ]
[01:03:44] Checking for kernel symbol 'ixinit' [ Skipped ]
[01:03:45] Checking for kernel symbol 'tricks' [ Skipped ]
[01:03:45] Checking for kernel symbol 'kernel_unlink' [ Skipped ]
[01:03:45] Checking for kernel symbol 'rootme' [ Skipped ]
[01:03:45] Checking for kernel symbol 'hide_module' [ Skipped ]
[01:03:45] Checking for kernel symbol 'find_sys_call_tbl' [ Skipped ]
[01:03:45] IntoXonia-NG Rootkit [ Not found ]
[01:03:45]
[01:03:45] Checking for Irix Rootkit...
[01:03:45] Checking for directory '/dev/pts/01' [ Not found ]
[01:03:45] Checking for directory '/dev/pts/01/backup' [ Not found ]
[01:03:45] Checking for directory '/dev/pts/01/etc' [ Not found ]
[01:03:45] Checking for directory '/dev/pts/01/tmp' [ Not found ]
[01:03:45] Irix Rootkit [ Not found ]
[01:03:45]
[01:03:45] Checking for Kitko Rootkit...
[01:03:45] Checking for directory '/usr/src/redhat/SRPMS/...' [ Not found ]
[01:03:45] Kitko Rootkit [ Not found ]
[01:03:45]
[01:03:45] Checking for Knark Rootkit...
[01:03:45] Checking for file '/proc/knark/pids' [ Not found ]
[01:03:45] Checking for directory '/proc/knark' [ Not found ]
[01:03:45] Knark Rootkit [ Not found ]
[01:03:45]
[01:03:45] Checking for Li0n Worm...
[01:03:45] Checking for file '/bin/in.telnetd' [ Not found ]
[01:03:46] Checking for file '/bin/mjy' [ Not found ]
[01:03:46] Checking for file '/usr/man/man1/man1/lib/.lib/mjy' [ Not found ]
[01:03:46] Checking for file '/usr/man/man1/man1/lib/.lib/in.telnetd' [ Not found ]
[01:03:46] Checking for file '/usr/man/man1/man1/lib/.lib/.x' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/1i0n.sh' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/hack.sh' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/bind' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/randb' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/scan.sh' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/pscan' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/star.sh' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/bindx.sh' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/scan/bindname.log' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/1i0n.sh' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/lib/netstat' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/lib/dev/.1addr' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/lib/dev/.1logz' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/lib/dev/.1proc' [ Not found ]
[01:03:46] Checking for file '/dev/.lib/lib/lib/dev/.1file' [ Not found ]
[01:03:47] Li0n Worm [ Not found ]
[01:03:47]
[01:03:47] Checking for Lockit / LJK2 Rootkit...
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_config' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key.pub' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_random_seed*' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/sshd_config' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backdoor/RK1bd' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/du' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ifconfig' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/inetd.conf' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/locate' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/login' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ls' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/netstat' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ps' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/pstree' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/rc.sysinit' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/syslogd' [ Not found ]
[01:03:47] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/tcpd' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/top' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1sauber' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1wted' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1parser' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1sniff' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1addr' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1dir' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1log' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1proc' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/RK1phidemod.c' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/README.modules' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1hidem.c' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1phide' [ Not found ]
[01:03:48] Checking for file '/usr/lib/libmen.oo/.LJK2/sshconfig/RK1ssh' [ Not found ]
[01:03:48] Checking for directory '/usr/lib/libmen.oo/.LJK2' [ Not found ]
[01:03:48] Lockit / LJK2 Rootkit [ Not found ]
[01:03:48]
[01:03:48] Checking for Mood-NT Rootkit...
[01:03:48] Checking for file '/sbin/init__mood-nt-_-_cthulhu' [ Not found ]
[01:03:48] Checking for file '/_cthulhu/mood-nt.init' [ Not found ]
[01:03:49] Checking for file '/_cthulhu/mood-nt.conf' [ Not found ]
[01:03:49] Checking for file '/_cthulhu/mood-nt.sniff' [ Not found ]
[01:03:49] Checking for directory '/_cthulhu' [ Not found ]
[01:03:49] Mood-NT Rootkit [ Not found ]
[01:03:49]
[01:03:49] Checking for MRK Rootkit...
[01:03:49] Checking for file '/dev/ida/.inet/pid' [ Not found ] [01:03:49] Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ] [01:03:49] Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ] [01:03:49] Checking for file '/dev/ida/.inet/tcp.log' [ Not found ] [01:03:49] Checking for directory '/dev/ida/.inet' [ Not found ] [01:03:49] Checking for directory '/var/spool/cron/.sh' [ Not found ] [01:03:49] MRK Rootkit [ Not found ] [01:03:49] [01:03:49] Checking for Ni0 Rootkit... [01:03:49] Checking for file '/var/lock/subsys/...datafile.../...net...' [ Not found ] [01:03:49] Checking for file '/var/lock/subsys/...datafile.../...port...' [ Not found ] [01:03:49] Checking for file '/var/lock/subsys/...datafile.../...ps...' [ Not found ] [01:03:49] Checking for file '/var/lock/subsys/...datafile.../...file...' [ Not found ] [01:03:49] Checking for directory '/tmp/waza' [ Not found ] [01:03:49] Checking for directory '/var/lock/subsys/...datafile...' [ Not found ] [01:03:49] Checking for directory '/usr/sbin/es' [ Not found ] [01:03:49] Ni0 Rootkit [ Not found ] [01:03:50] [01:03:50] Checking for Ohhara Rootkit... [01:03:50] Checking for file '/var/lock/subsys/...datafile.../...datafile.../in.smbd.log' [ Not found ] [01:03:50] Checking for directory '/var/lock/subsys/...datafile...' [ Not found ] [01:03:50] Checking for directory '/var/lock/subsys/...datafile.../...datafile...' [ Not found ] [01:03:50] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../bin' [ Not found ] [01:03:50] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/bin' [ Not found ] [01:03:50] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/sbin' [ Not found ] [01:03:50] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../lib/security' [ Not found ] [01:03:50] Ohhara Rootkit [ Not found ] [01:03:50] [01:03:50] Checking for Optic Kit (Tux) Worm... 
[01:03:50] Checking for directory '/dev/tux' [ Not found ] [01:03:50] Checking for directory '/usr/bin/xchk' [ Not found ] [01:03:50] Checking for directory '/usr/bin/xsf' [ Not found ] [01:03:50] Checking for directory '/usr/bin/ssh2d' [ Not found ] [01:03:50] Optic Kit (Tux) Worm [ Not found ] [01:03:50] [01:03:50] Checking for Oz Rootkit... [01:03:50] Checking for file '/dev/.oz/.nap/rkit/terror' [ Not found ] [01:03:50] Checking for directory '/dev/.oz' [ Not found ] [01:03:50] Oz Rootkit [ Not found ] [01:03:50] [01:03:50] Checking for Phalanx Rootkit... [01:03:50] Checking for file '/usr/share/.home.ph1/cb' [ Not found ] [01:03:51] Checking for file '/etc/host.ph1' [ Not found ] [01:03:51] Checking for file '/bin/host.ph1' [ Not found ] [01:03:51] Checking for file '/usr/share/.home.ph1/phalanx' [ Not found ] [01:03:51] Checking for directory '/usr/share/.home.ph1' [ Not found ] [01:03:51] Phalanx Rootkit [ Not found ] [01:03:51] [01:03:51] Checking for Phalanx Rootkit (strings)... [01:03:51] Checking for string 'phalanx' [ Not found ] [01:03:51] Phalanx Rootkit (strings) [ Not found ] [01:03:51] [01:03:51] Checking for Phalanx2 Rootkit... [01:03:51] Checking for file '/etc/khubd.p2/.p2rc' [ Not found ] [01:03:51] Checking for file '/etc/khubd.p2/.phalanx2' [ Not found ] [01:03:51] Checking for file '/etc/khubd.p2/.sniff' [ Not found ] [01:03:51] Checking for file '/etc/khubd.p2/sshgrab.py' [ Not found ] [01:03:51] Checking for file '/etc/lolzz.p2/.p2rc' [ Not found ] [01:03:51] Checking for file '/etc/lolzz.p2/.phalanx2' [ Not found ] [01:03:51] Checking for file '/etc/lolzz.p2/.sniff' [ Not found ] [01:03:51] Checking for file '/etc/lolzz.p2/sshgrab.py' [ Not found ] [01:03:51] Checking for directory '/etc/khubd.p2' [ Not found ] [01:03:51] Checking for directory '/etc/lolzz.p2' [ Not found ] [01:03:52] Phalanx2 Rootkit [ Not found ] [01:03:52] [01:03:52] Checking for Phalanx2 Rootkit (extended tests)... 
[01:03:52] Checking for directory '/etc/khubd.p2' [ Not found ] [01:03:52] Checking for directory '/etc/lolzz.p2' [ Not found ] [01:03:52] Phalanx2 Rootkit (extended tests) [ Not found ] [01:03:52] [01:03:52] Checking for Portacelo Rootkit... [01:03:52] Checking for file '/var/lib/.../.ak' [ Not found ] [01:03:52] Checking for file '/var/lib/.../.hk' [ Not found ] [01:03:52] Checking for file '/var/lib/.../.rs' [ Not found ] [01:03:52] Checking for file '/var/lib/.../.p' [ Not found ] [01:03:52] Checking for file '/var/lib/.../getty' [ Not found ] [01:03:52] Checking for file '/var/lib/.../lkt.o' [ Not found ] [01:03:52] Checking for file '/var/lib/.../show' [ Not found ] [01:03:52] Checking for file '/var/lib/.../nlkt.o' [ Not found ] [01:03:52] Checking for file '/var/lib/.../ssshrc' [ Not found ] [01:03:52] Checking for file '/var/lib/.../sssh_equiv' [ Not found ] [01:03:52] Checking for file '/var/lib/.../sssh_known_hosts' [ Not found ] [01:03:52] Checking for file '/var/lib/.../sssh_pid' [ Not found ] [01:03:52] Checking for file '~/.sssh/known_hosts' [ Not found ] [01:03:52] Portacelo Rootkit [ Not found ] [01:03:53] [01:03:53] Checking for R3dstorm Toolkit... [01:03:53] Checking for file '/var/log/tk02/see_all' [ Not found ] [01:03:53] Checking for file '/bin/.../sshd/sbin/sshd1' [ Not found ] [01:03:53] Checking for file '/bin/.../hate/sk' [ Not found ] [01:03:53] Checking for file '/bin/.../see_all' [ Not found ] [01:03:53] Checking for directory '/var/log/tk02' [ Not found ] [01:03:53] Checking for directory '/var/log/tk02/old' [ Not found ] [01:03:53] Checking for directory '/bin/...' [ Not found ] [01:03:53] R3dstorm Toolkit [ Not found ] [01:03:53] [01:03:53] Checking for RH-Sharpe's Rootkit... 
[01:03:53] Checking for file '/bin/lps' [ Not found ] [01:03:53] Checking for file '/usr/bin/lpstree' [ Not found ] [01:03:53] Checking for file '/usr/bin/ltop' [ Not found ] [01:03:53] Checking for file '/usr/bin/lkillall' [ Not found ] [01:03:53] Checking for file '/usr/bin/ldu' [ Not found ] [01:03:53] Checking for file '/usr/bin/lnetstat' [ Not found ] [01:03:53] Checking for file '/usr/bin/wp' [ Not found ] [01:03:53] Checking for file '/usr/bin/shad' [ Not found ] [01:03:53] Checking for file '/usr/bin/vadim' [ Not found ] [01:03:53] Checking for file '/usr/bin/slice' [ Not found ] [01:03:54] Checking for file '/usr/bin/cleaner' [ Not found ] [01:03:54] Checking for file '/usr/include/rpcsvc/du' [ Not found ] [01:03:54] RH-Sharpe's Rootkit [ Not found ] [01:03:54] [01:03:54] Checking for RSHA's Rootkit... [01:03:54] Checking for file '/bin/kr4p' [ Not found ] [01:03:54] Checking for file '/usr/bin/n3tstat' [ Not found ] [01:03:54] Checking for file '/usr/bin/chsh2' [ Not found ] [01:03:54] Checking for file '/usr/bin/slice2' [ Not found ] [01:03:54] Checking for file '/usr/src/linux/arch/alpha/lib/.lib/.1proc' [ Not found ] [01:03:54] Checking for file '/etc/rc.d/arch/alpha/lib/.lib/.1addr' [ Not found ] [01:03:54] Checking for directory '/etc/rc.d/rsha' [ Not found ] [01:03:54] Checking for directory '/etc/rc.d/arch/alpha/lib/.lib' [ Not found ] [01:03:54] RSHA's Rootkit [ Not found ] [01:03:54] [01:03:54] Checking for Scalper Worm... [01:03:54] Checking for file '/tmp/.a' [ Not found ] [01:03:54] Checking for file '/tmp/.uua' [ Not found ] [01:03:54] Scalper Worm [ Not found ] [01:03:54] [01:03:54] Checking for Sebek LKM... [01:03:54] Checking for kernel symbol 'adore or sebek' [ Skipped ] [01:03:54] Sebek LKM [ Not found ] [01:03:55] [01:03:55] Checking for Shutdown Rootkit... [01:03:55] Checking for file '/usr/man/man5/.. /.dir/scannah/asus' [ Not found ] [01:03:55] Checking for file '/usr/man/man5/.. 
/.dir/see' [ Not found ] [01:03:55] Checking for file '/usr/man/man5/.. /.dir/nscd' [ Not found ] [01:03:55] Checking for file '/usr/man/man5/.. /.dir/alpd' [ Not found ] [01:03:55] Checking for file '/etc/rc.d/rc.local ' [ Not found ] [01:03:55] Checking for directory '/usr/man/man5/.. /.dir' [ Not found ] [01:03:55] Checking for directory '/usr/man/man5/.. /.dir/scannah' [ Not found ] [01:03:55] Checking for directory '/etc/rc.d/rc0.d/.. /.dir' [ Not found ] [01:03:55] Shutdown Rootkit [ Not found ] [01:03:55] [01:03:55] Checking for SHV4 Rootkit... [01:03:55] Checking for file '/etc/ld.so.hash' [ Not found ] [01:03:55] Checking for file '/lib/libext-2.so.7' [ Not found ] [01:03:55] Checking for file '/lib/lidps1.so' [ Not found ] [01:03:55] Checking for file '/usr/sbin/xntps' [ Not found ] [01:03:55] Checking for directory '/lib/security/.config' [ Not found ] [01:03:55] Checking for directory '/lib/security/.config/ssh' [ Not found ] [01:03:55] SHV4 Rootkit [ Not found ] [01:03:55] [01:03:55] Checking for SHV5 Rootkit... [01:03:55] Checking for file '/etc/sh.conf' [ Not found ] [01:03:56] Checking for file '/dev/srd0' [ Not found ] [01:03:56] Checking for directory '/usr/lib/libsh' [ Not found ] [01:03:56] SHV5 Rootkit [ Not found ] [01:03:56] [01:03:56] Checking for Sin Rootkit... [01:03:56] Checking for file '/dev/.haos/haos1/.f/Denyed' [ Not found ] [01:03:56] Checking for file '/dev/ttyoa' [ Not found ] [01:03:56] Checking for file '/dev/ttyof' [ Not found ] [01:03:56] Checking for file '/dev/ttyop' [ Not found ] [01:03:56] Checking for file '/dev/ttyos' [ Not found ] [01:03:56] Checking for file '/usr/lib/.lib' [ Not found ] [01:03:56] Checking for file '/usr/lib/sn/.X' [ Not found ] [01:03:56] Checking for file '/usr/lib/sn/.sys' [ Not found ] [01:03:56] Checking for file '/usr/lib/ld/.X' [ Not found ] [01:03:56] Checking for file '/usr/man/man1/...' 
[ Not found ] [01:03:56] Checking for file '/usr/man/man1/.../.m' [ Not found ] [01:03:56] Checking for file '/usr/man/man1/.../.w' [ Not found ] [01:03:56] Checking for directory '/usr/lib/sn' [ Not found ] [01:03:56] Checking for directory '/usr/lib/man1/...' [ Not found ] [01:03:56] Checking for directory '/dev/.haos' [ Not found ] [01:03:56] Sin Rootkit [ Not found ] [01:03:56] [01:03:56] Checking for Slapper Worm... [01:03:56] Checking for file '/tmp/.bugtraq' [ Not found ] [01:03:57] Checking for file '/tmp/.uubugtraq' [ Not found ] [01:03:57] Checking for file '/tmp/.bugtraq.c' [ Not found ] [01:03:57] Checking for file '/tmp/httpd' [ Not found ] [01:03:57] Checking for file '/tmp/.unlock' [ Not found ] [01:03:57] Checking for file '/tmp/update' [ Not found ] [01:03:57] Checking for file '/tmp/.cinik' [ Not found ] [01:03:57] Checking for file '/tmp/.b' [ Not found ] [01:03:57] Slapper Worm [ Not found ] [01:03:57] [01:03:57] Checking for Sneakin Rootkit... [01:03:57] Checking for directory '/tmp/.X11-unix/.../rk' [ Not found ] [01:03:57] Sneakin Rootkit [ Not found ] [01:03:57] [01:03:57] Checking for Suckit Rootkit... 
[01:03:57] Checking for file '/sbin/initsk12' [ Not found ] [01:03:57] Checking for file '/sbin/initxrk' [ Not found ] [01:03:57] Checking for file '/usr/bin/null' [ Not found ] [01:03:57] Checking for file '/usr/share/locale/sk/.sk12/sk' [ Not found ] [01:03:57] Checking for file '/etc/rc.d/rc0.d/S23kmdac' [ Not found ] [01:03:57] Checking for file '/etc/rc.d/rc1.d/S23kmdac' [ Not found ] [01:03:57] Checking for file '/etc/rc.d/rc2.d/S23kmdac' [ Not found ] [01:03:57] Checking for file '/etc/rc.d/rc3.d/S23kmdac' [ Not found ] [01:03:58] Checking for file '/etc/rc.d/rc4.d/S23kmdac' [ Not found ] [01:03:58] Checking for file '/etc/rc.d/rc5.d/S23kmdac' [ Not found ] [01:03:58] Checking for file '/etc/rc.d/rc6.d/S23kmdac' [ Not found ] [01:03:58] Checking for directory '/dev/sdhu0/tehdrakg' [ Not found ] [01:03:58] Checking for directory '/etc/.MG' [ Not found ] [01:03:58] Checking for directory '/usr/share/locale/sk/.sk12' [ Not found ] [01:03:58] Checking for directory '/usr/lib/perl5/site_perl/i386-linux/auto/TimeDate/.packlist' [ Not found ] [01:03:58] Suckit Rootkit [ Not found ] [01:03:58] [01:03:58] Checking for SunOS Rootkit... [01:03:58] Checking for file '/etc/ld.so.hash' [ Not found ] [01:03:58] Checking for file '/lib/libext-2.so.7' [ Not found ] [01:03:58] Checking for file '/usr/bin/ssh2d' [ Not found ] [01:03:58] Checking for file '/bin/xlogin' [ Not found ] [01:03:58] Checking for file '/usr/lib/crth.o' [ Not found ] [01:03:58] Checking for file '/usr/lib/crtz.o' [ Not found ] [01:03:58] Checking for file '/sbin/login' [ Not found ] [01:03:58] Checking for file '/lib/security/.config/sn' [ Not found ] [01:03:58] Checking for file '/lib/security/.config/lpsched' [ Not found ] [01:03:58] Checking for file '/dev/kmod' [ Not found ] [01:03:58] Checking for file '/dev/dos' [ Not found ] [01:03:58] SunOS Rootkit [ Not found ] [01:03:59] [01:03:59] Checking for SunOS / NSDAP Rootkit... 
[01:03:59] Checking for file '/usr/lib/vold/nsdap/.kit' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/defines' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/patcher' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/pg' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/cleaner' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/utime' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/crypt' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/findkit' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/sn2' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/sniffload' [ Not found ] [01:03:59] Checking for file '/usr/lib/vold/nsdap/runsniff' [ Not found ] [01:03:59] Checking for file '/usr/lib/lpset' [ Not found ] [01:03:59] Checking for directory '/usr/lib/vold/nsdap' [ Not found ] [01:03:59] SunOS / NSDAP Rootkit [ Not found ] [01:03:59] [01:03:59] Checking for Superkit Rootkit... [01:03:59] Checking for file '/usr/man/.sman/sk' [ Not found ] [01:03:59] Superkit Rootkit [ Not found ] [01:03:59] [01:03:59] Checking for TBD (Telnet BackDoor)... [01:03:59] Checking for file '/usr/lib/.tbd' [ Not found ] [01:03:59] TBD (Telnet BackDoor) [ Not found ] [01:03:59] [01:03:59] Checking for TeLeKiT Rootkit... [01:03:59] Checking for file '/usr/man/man3/.../TeLeKiT/bin/sniff' [ Not found ] [01:03:59] Checking for file '/usr/man/man3/.../TeLeKiT/bin/telnetd' [ Not found ] [01:03:59] Checking for file '/usr/man/man3/.../TeLeKiT/bin/teleulo' [ Not found ] [01:04:00] Checking for file '/usr/man/man3/.../cl' [ Not found ] [01:04:00] Checking for file '/dev/ptyr' [ Not found ] [01:04:00] Checking for file '/dev/ptyp' [ Not found ] [01:04:00] Checking for file '/dev/ptyq' [ Not found ] [01:04:00] Checking for file '/dev/hda06' [ Not found ] [01:04:00] Checking for file '/usr/info/libc1.so' [ Not found ] [01:04:00] Checking for directory '/usr/man/man3/...' 
[ Not found ] [01:04:00] Checking for directory '/usr/man/man3/.../lsniff' [ Not found ] [01:04:00] Checking for directory '/usr/man/man3/.../TeLeKiT' [ Not found ] [01:04:00] TeLeKiT Rootkit [ Not found ] [01:04:00] [01:04:00] Checking for T0rn Rootkit... [01:04:00] Checking for file '/dev/.lib/lib/lib/t0rns' [ Not found ] [01:04:00] Checking for file '/dev/.lib/lib/lib/du' [ Not found ] [01:04:00] Checking for file '/dev/.lib/lib/lib/ls' [ Not found ] [01:04:00] Checking for file '/dev/.lib/lib/lib/t0rnsb' [ Not found ] [01:04:00] Checking for file '/dev/.lib/lib/lib/ps' [ Not found ] [01:04:00] Checking for file '/dev/.lib/lib/lib/t0rnp' [ Not found ] [01:04:00] Checking for file '/dev/.lib/lib/lib/find' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/ifconfig' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/pg' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/ssh.tgz' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/top' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/sz' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/login' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/in.fingerd' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/1i0n.sh' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/pstree' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/in.telnetd' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/mjy' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/sush' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/tfn' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/name' [ Not found ] [01:04:01] Checking for file '/dev/.lib/lib/lib/getip.sh' [ Not found ] [01:04:02] Checking for file '/usr/info/.torn/sh*' [ Not found ] [01:04:02] Checking for file '/usr/src/.puta/.1addr' [ Not found ] [01:04:02] Checking for file '/usr/src/.puta/.1file' [ Not found ] [01:04:02] Checking for 
file '/usr/src/.puta/.1proc' [ Not found ] [01:04:02] Checking for file '/usr/src/.puta/.1logz' [ Not found ] [01:04:02] Checking for file '/usr/info/.t0rn' [ Not found ] [01:04:02] Checking for directory '/dev/.lib' [ Not found ] [01:04:02] Checking for directory '/dev/.lib/lib' [ Not found ] [01:04:02] Checking for directory '/dev/.lib/lib/lib' [ Not found ] [01:04:02] Checking for directory '/dev/.lib/lib/lib/dev' [ Not found ] [01:04:02] Checking for directory '/dev/.lib/lib/scan' [ Not found ] [01:04:02] Checking for directory '/usr/src/.puta' [ Not found ] [01:04:02] Checking for directory '/usr/man/man1/man1' [ Not found ] [01:04:02] Checking for directory '/usr/man/man1/man1/lib' [ Not found ] [01:04:02] Checking for directory '/usr/man/man1/man1/lib/.lib' [ Not found ] [01:04:02] Checking for directory '/usr/man/man1/man1/lib/.lib/.backup' [ Not found ] [01:04:02] T0rn Rootkit [ Not found ] [01:04:02] [01:04:02] Checking for Trojanit Kit... [01:04:02] Checking for file '/bin/.ls' [ Not found ] [01:04:02] Checking for file '/bin/.ps' [ Not found ] [01:04:02] Checking for file '/bin/.netstat' [ Not found ] [01:04:03] Checking for file '/usr/bin/.nop' [ Not found ] [01:04:03] Checking for file '/usr/bin/.who' [ Not found ] [01:04:03] Trojanit Kit [ Not found ] [01:04:03] [01:04:03] Checking for Tuxtendo Rootkit... 
[01:04:03] Checking for file '/dev/tux/.addr' [ Not found ] [01:04:03] Checking for file '/dev/tux/.cron' [ Not found ] [01:04:03] Checking for file '/dev/tux/.file' [ Not found ] [01:04:03] Checking for file '/dev/tux/.log' [ Not found ] [01:04:03] Checking for file '/dev/tux/.proc' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/crontab' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/df' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/dir' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/find' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/ifconfig' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/locate' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/netstat' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/ps' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/pstree' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/syslogd' [ Not found ] [01:04:03] Checking for file '/dev/tux/backup/tcpd' [ Not found ] [01:04:04] Checking for file '/dev/tux/backup/top' [ Not found ] [01:04:04] Checking for file '/dev/tux/backup/updatedb' [ Not found ] [01:04:04] Checking for file '/dev/tux/backup/vdir' [ Not found ] [01:04:04] Checking for directory '/dev/tux' [ Not found ] [01:04:04] Checking for directory '/dev/tux/ssh2' [ Not found ] [01:04:04] Checking for directory '/dev/tux/backup' [ Not found ] [01:04:04] Tuxtendo Rootkit [ Not found ] [01:04:04] [01:04:04] Checking for URK Rootkit... [01:04:04] Checking for file '/usr/man/man1/xxxxxxbin/find' [ Not found ] [01:04:04] Checking for file '/usr/man/man1/xxxxxxbin/du' [ Not found ] [01:04:04] Checking for file '/usr/man/man1/xxxxxxbin/ps' [ Not found ] [01:04:04] Checking for file '/tmp/conf.inf' [ Not found ] [01:04:04] Checking for directory '/usr/man/man1/xxxxxxbin' [ Not found ] [01:04:04] URK Rootkit [ Not found ] [01:04:04] [01:04:04] Checking for Vampire Rootkit... 
[01:04:04] Checking for kernel symbol 'new_getdents' [ Skipped ] [01:04:04] Checking for kernel symbol 'old_getdents' [ Skipped ] [01:04:04] Checking for kernel symbol 'should_hide_file_name' [ Skipped ] [01:04:04] Checking for kernel symbol 'should_hide_task_name' [ Skipped ] [01:04:05] Vampire Rootkit [ Not found ] [01:04:05] [01:04:05] Checking for VcKit Rootkit... [01:04:05] Checking for directory '/usr/include/linux/modules/lib.so' [ Not found ] [01:04:05] Checking for directory '/usr/include/linux/modules/lib.so/bin' [ Not found ] [01:04:05] VcKit Rootkit [ Not found ] [01:04:05] [01:04:05] Checking for Volc Rootkit... [01:04:05] Checking for directory '/var/spool/.recent' [ Not found ] [01:04:05] Checking for directory '/var/spool/.recent/.files' [ Not found ] [01:04:05] Checking for directory '/usr/lib/volc' [ Not found ] [01:04:05] Checking for directory '/usr/lib/volc/backup' [ Not found ] [01:04:05] Volc Rootkit [ Not found ] [01:04:05] [01:04:05] Checking for X-Org SunOS Rootkit... [01:04:05] Checking for file '/usr/lib/libX.a/bin/tmpfl' [ Not found ] [01:04:05] Checking for file '/usr/lib/libX.a/bin/rps' [ Not found ] [01:04:05] Checking for file '/usr/bin/srload' [ Not found ] [01:04:05] Checking for file '/usr/lib/libX.a/bin/sparcv7/rps' [ Not found ] [01:04:05] Checking for file '/usr/sbin/modcheck' [ Not found ] [01:04:05] Checking for directory '/usr/lib/libX.a' [ Not found ] [01:04:05] Checking for directory '/usr/lib/libX.a/bin' [ Not found ] [01:04:05] Checking for directory '/usr/lib/libX.a/bin/sparcv7' [ Not found ] [01:04:06] Checking for directory '/usr/share/man...' [ Not found ] [01:04:06] X-Org SunOS Rootkit [ Not found ] [01:04:06] [01:04:06] Checking for zaRwT.KiT Rootkit... 
[01:04:06] Checking for file '/dev/rd/s/sendmeil' [ Not found ] [01:04:06] Checking for file '/dev/ttyf' [ Not found ] [01:04:06] Checking for file '/dev/ttyp' [ Not found ] [01:04:06] Checking for file '/dev/ttyn' [ Not found ] [01:04:06] Checking for file '/rk/tulz' [ Not found ] [01:04:06] Checking for directory '/rk' [ Not found ] [01:04:06] Checking for directory '/dev/rd/s' [ Not found ] [01:04:06] zaRwT.KiT Rootkit [ Not found ] [01:04:06] [01:04:06] Performing additional rootkit checks [01:04:06] Info: Starting test name 'additional_rkts' [01:04:06] [01:04:06] Performing Suckit Rookit additional checks [01:04:06] Checking hard link count on '/sbin/init' [ OK ] [01:04:06] Checking for hidden file extensions [ None found ] [01:04:06] Running skdet command [ Skipped ] [01:04:06] Info: Unable to find the 'skdet' command [01:04:06] Suckit Rookit additional checks [ OK ] [01:04:07] [01:04:07] Performing check of possible rootkit files and directories [01:04:07] Info: Starting test name 'possible_rkt_files' [01:04:07] Checking for file '/dev/sdr0' [ Not found ] [01:04:07] Checking for file '/tmp/.syshackfile' [ Not found ] [01:04:07] Checking for file '/tmp/.bash_history' [ Not found ] [01:04:07] Checking for file '/usr/info/.clib' [ Not found ] [01:04:07] Checking for file '/usr/sbin/tcp.log' [ Not found ] [01:04:07] Checking for file '/usr/bin/take/pid' [ Not found ] [01:04:07] Checking for file '/sbin/create' [ Not found ] [01:04:07] Checking for file '/dev/ttypz' [ Not found ] [01:04:07] Checking for directory '/usr/bin/take' [ Not found ] [01:04:07] Checking for directory '/usr/src/.lib' [ Not found ] [01:04:07] Checking for directory '/usr/share/man/man1/.1c' [ Not found ] [01:04:07] Checking for directory '/lib/lblip.tk' [ Not found ] [01:04:07] Checking for directory '/usr/sbin/...' 
[ Not found ] [01:04:08] Checking for directory '/usr/share/.gun' [ Not found ] [01:04:08] Checking for possible rootkit files and directories [ None found ] [01:04:08] [01:04:08] Performing check for possible rootkit strings [01:04:08] Info: Starting test name 'possible_rkt_strings' [01:04:08] Info: Using system startup paths: /etc/rc.d /etc/inittab [01:04:08] Checking for string '/dev/proc/fuckit' [ Not found ] [01:04:08] Checking for string 'FUCK' [ Not found ] [01:04:08] Checking for string 'backdoor' [ Not found ] [01:04:08] Checking for string 'vt200' [ Not found ] [01:04:08] Checking for string '/usr/bin/xstat' [ Not found ] [01:04:08] Checking for string '/bin/envpc' [ Not found ] [01:04:08] Checking for string 'L4m3r0x' [ Not found ] [01:04:08] Checking for string '/usr/lib/.tbd' [ Not found ] [01:04:09] Checking for string '/dev/ptyxx/.file' [ Not found ] [01:04:09] Checking for string '/dev/sgk' [ Not found ] [01:04:09] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [01:04:09] Checking for string '/usr/lib/.tbd' [ Not found ] [01:04:09] Checking for string '/dev/proc/fuckit' [ Not found ] [01:04:09] Checking for string '/lib/.sso' [ Not found ] [01:04:09] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [01:04:09] Checking for string '/dev/caca' [ Not found ] [01:04:09] Checking for string '/dev/ttyoa' [ Not found ] [01:04:09] Checking for string 'syg' [ Not found ] [01:04:09] Checking for string 'sshd_config' [ Not found ] [01:04:10] Checking for string '/dev/pts/01' [ Not found ] [01:04:10] Checking for string 'tw33dl3' [ Not found ] [01:04:10] Checking for string 'psniff' [ Not found ] [01:04:10] Checking for string '/var/lock/subsys/...datafile...' 
[ Not found ] [01:04:10] Checking for string '/dev/ptyxx' [ Not found ] [01:04:10] Checking for string '/dev/xdta' [ Not found ] [01:04:10] Checking for string '/usr/lib/.tbd' [ Not found ] [01:04:11] Checking for string 'in.inetd' [ Not found ] [01:04:11] Checking for string '#<HIDE_.*>' [ Not found ] [01:04:11] Checking for string 'bin/xchk' [ Not found ] [01:04:12] Checking for string 'bin/xsf' [ Not found ] [01:04:12] Checking for possible rootkit strings [ None found ] [01:04:12] [01:04:12] Performing malware checks [01:04:12] Info: Starting test name 'malware' [01:04:12] [01:04:12] Info: Test 'deleted_files' disabled at users request. [01:04:12] Info: Starting test name 'running_procs' [01:04:13] Checking running processes for suspicious files [ None found ] [01:04:13] [01:04:13] Info: Test 'hidden_procs' disabled at users request. [01:04:13] [01:04:13] Info: Test 'suspscan' disabled at users request. [01:04:13] [01:04:13] Performing check for login backdoors [01:04:13] Info: Starting test name 'other_malware' [01:04:13] Checking for '/bin/.login' [ Not found ] [01:04:13] Checking for '/sbin/.login' [ Not found ] [01:04:13] Checking for login backdoors [ None found ] [01:04:13] [01:04:13] Performing check for suspicious directories [01:04:13] Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ] [01:04:13] Checking for directory '/dev/rd/cdb' [ Not found ] [01:04:13] Checking for suspicious directories [ None found ] [01:04:13] [01:04:13] Checking for software intrusions [ Skipped ] [01:04:13] Info: Check skipped - tripwire not installed [01:04:13] [01:04:13] Performing check for sniffer log files [01:04:13] Checking for file '/usr/lib/libice.log' [ Not found ] [01:04:13] Checking for sniffer log files [ None found ] [01:04:13] [01:04:13] Performing trojan specific checks [01:04:13] Info: Starting test name 'trojans' [01:04:13] Checking for enabled inetd services [ Skipped ] [01:04:13] Info: Check skipped - file '/etc/inetd.conf' does not exist. 
[01:04:13] [01:04:13] Performing check for enabled xinetd services [01:04:13] Info: Using xinetd configuration file '/etc/xinetd.conf' [01:04:14] Checking '/etc/xinetd.conf' for enabled services [ None found ] [01:04:14] Found 'includedir /etc/xinetd.d' directive [01:04:14] Checking '/etc/xinetd.d/chargen-dgram' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/chargen-stream' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/daytime-dgram' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/daytime-stream' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/discard-dgram' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/discard-stream' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/echo-dgram' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/echo-stream' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/finger' for enabled services [ None found ] [01:04:14] Checking '/etc/xinetd.d/ftp_psa' for enabled services [ Warning ] [01:04:14] Checking '/etc/xinetd.d/ntalk' for enabled services [ None found ] [01:04:15] Checking '/etc/xinetd.d/poppassd_psa' for enabled services [ Warning ] [01:04:15] Checking '/etc/xinetd.d/rsync' for enabled services [ None found ] [01:04:15] Checking '/etc/xinetd.d/smtp_psa' for enabled services [ None found ] [01:04:15] Checking '/etc/xinetd.d/smtps_psa' for enabled services [ None found ] [01:04:15] Checking '/etc/xinetd.d/submission_psa' for enabled services [ None found ] [01:04:15] Checking '/etc/xinetd.d/talk' for enabled services [ None found ] [01:04:15] Checking '/etc/xinetd.d/tcpmux-server' for enabled services [ None found ] [01:04:15] Checking '/etc/xinetd.d/time-dgram' for enabled services [ None found ] [01:04:15] Checking '/etc/xinetd.d/time-stream' for enabled services [ None found ] [01:04:15] Checking for enabled xinetd services [ Warning ] [01:04:15] 
Warning: Found enabled xinetd service: /etc/xinetd.d/ftp_psa [01:04:15] Warning: Found enabled xinetd service: /etc/xinetd.d/poppassd_psa [01:04:15] Checking for Apache backdoor [ Not found ] [01:04:15] [01:04:15] Performing Linux specific checks [01:04:15] Info: Starting test name 'os_specific' [01:04:16] Checking loaded kernel modules [ Warning ] [01:04:16] Warning: No output found from the lsmod command or the /proc/modules file: [01:04:16] /proc/modules output: [01:04:16] lsmod output: [01:04:16] Info: Using modules pathname of '/lib/modules/2.6.32-042stab088.4' [01:04:16] Checking kernel module names [ OK ] [01:04:16] [01:04:16] Checking the network... [01:04:16] Info: Starting test name 'network' [01:04:16] Info: Starting test name 'ports' [01:04:16] [01:04:16] Performing check for backdoor ports [01:04:16] Checking for TCP port 1524 [ Not found ] [01:04:16] Checking for TCP port 1984 [ Not found ] [01:04:17] Checking for UDP port 2001 [ Not found ] [01:04:17] Checking for TCP port 2006 [ Not found ] [01:04:17] Checking for TCP port 2128 [ Not found ] [01:04:17] Checking for TCP port 6666 [ Not found ] [01:04:17] Checking for TCP port 6667 [ Not found ] [01:04:17] Checking for TCP port 6668 [ Not found ] [01:04:17] Checking for TCP port 6669 [ Not found ] [01:04:18] Checking for TCP port 7000 [ Not found ] [01:04:18] Checking for TCP port 13000 [ Not found ] [01:04:18] Checking for TCP port 14856 [ Not found ] [01:04:18] Checking for TCP port 25000 [ Not found ] [01:04:18] Checking for TCP port 29812 [ Not found ] [01:04:18] Checking for TCP port 31337 [ Not found ] [01:04:18] Checking for TCP port 32982 [ Not found ] [01:04:19] Checking for TCP port 33369 [ Not found ] [01:04:19] Checking for TCP port 47107 [ Not found ] [01:04:19] Checking for TCP port 47018 [ Not found ] [01:04:19] Checking for TCP port 60922 [ Not found ] [01:04:19] Checking for TCP port 62883 [ Not found ] [01:04:19] Checking for TCP port 65535 [ Not found ] [01:04:19] [01:04:19] 
Performing checks on the network interfaces [01:04:19] Info: Starting test name 'promisc' [01:04:19] Checking for promiscuous interfaces [ None found ] [01:04:19] [01:04:19] Info: Test 'packet_cap_apps' disabled at users request. [01:04:19] [01:04:19] Checking the local host... [01:04:20] Info: Starting test name 'local_host' [01:04:20] [01:04:20] Performing system boot checks [01:04:20] Info: Starting test name 'startup_files' [01:04:20] Checking for local host name [ Found ] [01:04:20] Info: Starting test name 'startup_malware' [01:04:20] Checking for system startup files [ Found ] [01:04:21] Checking system startup files for malware [ None found ] [01:04:21] [01:04:21] Performing group and account checks [01:04:21] Info: Starting test name 'group_accounts' [01:04:21] Checking for passwd file [ Found ] [01:04:21] Info: Found password file: /etc/passwd [01:04:21] Checking for root equivalent (UID 0) accounts [ None found ] [01:04:21] Info: Found shadow file: /etc/shadow [01:04:21] Checking for passwordless accounts [ None found ] [01:04:21] Info: Starting test name 'passwd_changes' [01:04:21] Checking for passwd file changes [ Warning ] [01:04:21] Warning: Unable to check for passwd file differences: no copy of the passwd file exists. [01:04:21] Info: Starting test name 'group_changes' [01:04:21] Checking for group file changes [ Warning ] [01:04:22] Warning: Unable to check for group file differences: no copy of the group file exists. [01:04:22] Checking root account shell history files [ OK ] [01:04:22] [01:04:22] Performing system configuration file checks [01:04:22] Info: Starting test name 'system_configs' [01:04:22] Checking for SSH configuration file [ Found ] [01:04:22] Info: Found SSH configuration file: /etc/ssh/sshd_config [01:04:22] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'unset'. [01:04:22] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'. 
[01:04:22] Checking if SSH root access is allowed [ Not set ]
[01:04:22] Checking if SSH protocol v1 is allowed [ Not allowed ]
[01:04:22] Checking for running syslog daemon [ Found ]
[01:04:22] Checking for syslog configuration file [ Found ]
[01:04:22] Info: Found syslog configuration file: /etc/rsyslog.conf
[01:04:22] Checking if syslog remote logging is allowed [ Not allowed ]
[01:04:22]
[01:04:22] Performing filesystem checks
[01:04:22] Info: Starting test name 'filesystem'
[01:04:22] Info: SCAN_MODE_DEV set to 'THOROUGH'
[01:04:22] Checking /dev for suspicious file types [ Warning ]
[01:04:22] Warning: Suspicious file types found in /dev:
[01:04:22] /dev/shm/SharedLockManagerStorage_v2-785789301c: data
[01:04:24] Checking for hidden files and directories [ Warning ]
[01:04:24] Warning: Hidden directory found: /dev/.udev
[01:04:24] Warning: Hidden file found: /usr/share/man/man1/..1.gz: gzip compressed data, from Unix, max compression
[01:04:24] Warning: Hidden file found: /usr/share/man/man5/.k5login.5.gz: gzip compressed data, from Unix, max compression
[01:04:24] Warning: Hidden file found: /usr/share/man/man5/.k5identity.5.gz: gzip compressed data, from Unix, max compression
[01:04:24] Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
[01:04:24] Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
[01:04:24] Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
[01:04:24]
[01:04:24] Checking application versions...
[01:04:24] Info: Starting test name 'apps'
[01:04:25] Info: Application 'exim' not found.
[01:04:25] Checking version of GnuPG [ OK ]
[01:04:25] Info: Application 'gpg' version '2.0.14' found.
[01:04:25] Checking version of Apache [ Warning ]
[01:04:25] Warning: Application 'httpd', version '2.2.15', is out of date, and possibly a security risk.
[01:04:25] Checking version of Bind DNS [ OK ]
[01:04:25] Info: Application 'named' version '9.8.2rc1' found.
[01:04:25] Checking version of OpenSSL [ OK ]
[01:04:25] Info: Application 'openssl' version '1.0.1e-fips' found.
[01:04:25] Checking version of PHP [ OK ]
[01:04:25] Info: Application 'php' version '5.3.3' found.
[01:04:25] Checking version of Procmail MTA [ OK ]
[01:04:25] Info: Application 'procmail' version '3.22' found.
[01:04:26] Checking version of ProFTPd [ OK ]
[01:04:26] Info: Application 'proftpd' version '1.3.5a' found.
[01:04:26] Checking version of OpenSSH [ OK ]
[01:04:26] Info: Application 'sshd' version '5.3p1' found.
[01:04:26] Info: Applications checked: 8 out of 9
[01:04:26]
[01:04:26] System checks summary
[01:04:26] =====================
[01:04:26]
[01:04:26] File properties checks...
[01:04:26] Required commands check failed
[01:04:26] Files checked: 128
[01:04:26] Suspect files: 3
[01:04:26]
[01:04:26] Rootkit checks...
[01:04:26] Rootkits checked : 113
[01:04:26] Possible rootkits: 0
[01:04:26]
[01:04:26] Applications checks...
[01:04:26] Applications checked: 8
[01:04:26] Suspect applications: 1
[01:04:26]
[01:04:26] The system checks took: 3 minutes and 9 seconds

What should I make of the line "Please inspect this machine, because it may be infected."? Is it a common warning? Should I be worried and deal with it somehow?
ISSN 1214-1267, (c) 1999-2007 Stickfish s.r.o.