Encrypted, write-protected hard drives rewrite the BIOS when connected to the motherboard; persistent rootkit.
el-brujo:
Quote
Hi, I have scanned with rkhunter and with CAINE, and it flags everything with warnings, and 16 possible rootkits, but that's it, possible ones. I have already done several things and the vast majority of the warnings have disappeared, but it still flags errors and, as I said, 16 possible rootkits, as far as I recall.
If you want the log I can post it, but I have to rescue it from a damaged hard drive; if you want to see it, I'll look for it and post it, in fact I'll do so when I can.
But well, it only says that there may be 16 rootkits, not that there are.
Does the program make that up???
Have you heard of false positives?
The latest version of rkhunter is from 2018
https://sourceforge.net/projects/rkhunter/files/
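On the false-positive point in the reply above, an added example (not part of the thread and not rkhunter's own code) that triages rkhunter "file properties" warnings, separating inode-only changes, content changes and files missing from the baseline. The sample log is constructed in the layout of the excerpt posted further down in this thread, with shortened placeholder hashes; the function names and category labels are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the rkhunter log on this page.
# Hash values are shortened placeholders, not real digests.
SAMPLE_LOG = """\
[11:27:28] /usr/sbin/chroot [ Warning ]
[11:27:28] Warning: The file properties have changed:
[11:27:28] File: /usr/sbin/chroot
[11:27:28] Current inode: 136485 Stored inode: 1191110
[11:27:28] /usr/sbin/groupadd [ Warning ]
[11:27:28] Warning: The file properties have changed:
[11:27:28] File: /usr/sbin/groupadd
[11:27:28] Current hash: aaaa1111
[11:27:28] Stored hash : bbbb2222
[11:27:28] Current inode: 136549 Stored inode: 1191146
[11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:29] /usr/sbin/groupdel [ Warning ]
[11:27:29] Warning: The file properties have changed:
[11:27:29] File: /usr/sbin/groupdel
[11:27:29] Current hash: cccc3333
[11:27:29] Stored hash : dddd4444
[11:27:29] Current inode: 136550 Stored inode: 1191147
[11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:30] /usr/sbin/sshd [ Warning ]
[11:27:30] Warning: The file '/usr/sbin/sshd' exists on the system, but it is not present in the 'rkhunter.dat' file.
[11:27:32] /usr/bin/awk [ Warning ]
[11:27:32] Warning: The file properties have changed:
[11:27:32] File: /usr/bin/awk
[11:27:32] Current inode: 36128 Stored inode: 1179758
[11:27:32] Current file modification time: 1575280750 (02-dic-2019 10:59:10)
[11:27:32] Stored file modification time : 1537264455 (18-set-2018 11:54:15)
[11:27:40] /usr/bin/wget [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/wget
[11:27:40] Current hash: eeee5555
[11:27:40] Stored hash : ffff6666
[11:27:40] Current inode: 38931 Stored inode: 1181325
[11:27:40] Current file modification time: 1554749510 (08-apr-2019 20:51:50)
[11:27:40] Stored file modification time : 1525798921 (08-mag-2018 19:02:01)
"""

TS_RE = re.compile(r"^\[\d{2}:\d{2}:\d{2}\]\s*")
FILE_RE = re.compile(r"^File:\s*(\S+)")
MISSING_RE = re.compile(r"The file '([^']+)' exists on the system, but it is not present")
ATTR_RE = re.compile(r"^Current (hash|inode|size|file modification time):\s*(\S+)")


def parse_properties_warnings(log_text):
    """Return {path: {"changed": set of attribute names, "mtime": int or None}}."""
    records = {}
    current = None
    for raw in log_text.splitlines():
        line = TS_RE.sub("", raw.strip())
        m = MISSING_RE.search(line)
        if m:  # file exists on disk but has no entry in rkhunter.dat
            records[m.group(1)] = {"changed": {"not-in-baseline"}, "mtime": None}
            current = None
            continue
        m = FILE_RE.match(line)
        if m:  # start of a "file properties have changed" record
            current = records.setdefault(m.group(1), {"changed": set(), "mtime": None})
            continue
        m = ATTR_RE.match(line)
        if m and current is not None:
            attr = "mtime" if m.group(1).startswith("file") else m.group(1)
            current["changed"].add(attr)
            if attr == "mtime":
                current["mtime"] = int(m.group(2))  # epoch seconds of the file on disk
    return records


def triage(records):
    """Bucket each flagged path by what actually differs from the baseline."""
    buckets = defaultdict(list)
    for path, rec in sorted(records.items()):
        changed = rec["changed"]
        if "not-in-baseline" in changed:
            buckets["not-in-baseline"].append(path)
        elif "hash" in changed:
            buckets["content-changed"].append(path)   # contents differ: verify these first
        elif changed == {"inode"}:
            buckets["inode-only"].append(path)        # same content, file was rewritten or copied
        else:
            buckets["metadata-only"].append(path)
    return dict(buckets)


def cluster_by_mtime(records, min_size=2):
    """Heuristic: group content-changed files that share one current mtime."""
    clusters = defaultdict(list)
    for path, rec in sorted(records.items()):
        if "hash" in rec["changed"] and rec["mtime"] is not None:
            clusters[rec["mtime"]].append(path)
    return {t: paths for t, paths in clusters.items() if len(paths) >= min_size}


if __name__ == "__main__":
    recs = parse_properties_warnings(SAMPLE_LOG)
    for category, paths in triage(recs).items():
        print(category, paths)
    print("shared-mtime clusters:", cluster_by_mtime(recs))
```

Content changes that share one modification time across many files are what a package upgrade against a stale `rkhunter.dat` looks like. Confirm those files with the package manager's own verification (for example `dpkg --verify` on a dpkg-based system) before refreshing the baseline with `rkhunter --propupd`.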
Hason:
Hello there.
Quote
The analysis that command gives is a brief one...
run it in full:
chkdsk n: /F /V /R
...there are 5 phases; the 4th and 5th take a long time (hours basically, but it depends on the size, speed and damage (if any) of the disk)
Yes, I know I'm using a short chkdsk command, but it's enough for me to check that it doesn't throw the "the disk is write-protected" error and error code 50 when it was transferring to the log... :D that's why it works for me.
Anyway, I have run the command:
c: /f /x /r
Which is more thorough, and it took an hour or more, and the result was OK, perfect ;D
Right now I've spent the whole day repairing hard drives; I have about 8, I'm not sure right now, somewhere around that...
Right now I'm repairing a 500 GB one; when it has been low-level formatted, I'll run your command on it. Anyway, I have all the chkdsk cheat sheets, I'm going to become an expert at this rate...
I'll let you know the result, but so far everything is OK.
Quote
Have you heard of false positives?
The latest version of rkhunter is from 2018
Yes sir, el brujo, I have heard of them, and I have studied them; I've been plugged in nonstop for weeks or months studying (I've already quit caffeine, just two coffees in the morning)
I'll post the log now; I recovered it from the hard drive before low-level formatting it ;D
I know there were false positives, I almost know it by heart by now: you have to update the program and run several commands, among them rkhunter --propupd; after that, the vast majority of the warnings disappeared. I could explain it, but I don't feel like it, I already know it, I've put in many hours of study...
I'll post the original log without having done anything, and then the fixed log, and you'll see that it flags not 16 but 12 possible rootkits; possible, it isn't certain, but if it flags them there's a reason, and with all the problems I have, I think it could be... since the thing about rootkits is that they fool the OS and hide... so it could be true.
Besides, I have downloaded more modern and better programs than rkhunter and chkrootkit, such as AIDE, but in all the ones I have installed, it gives me an error... but well... now the good part begins for me, a new level in the video game... with clean hard drives and an original Fedora, I'll start a cleaner game over again.
I'm going to post the logs, I rescued them before low-level formatting; first one without modifying rkhunter, and then with rkhunter modified, which throws fewer warnings, but it does report the rootkits; it's 12, sorry, I didn't remember correctly. Here it goes:
Well, I can't post them on the forum because they are very long :( I'll try to post the most interesting part, and if not I'll double-post.
But so as not to flood the thread, I'll post only the part with the warnings and the possible rootkits. Here it goes: first with rkhunter without modifying the parameters, and then modified.
The first one:
[code]
[11:27:25] Info: Starting test name 'properties'
[11:27:25] Performing file properties checks
[11:27:25] Warning: Checking for prerequisites [ Warning ]
[11:27:25] No output from the 'lsattr' command - all file immutable-bit checks will be skipped.
[11:27:25] The local host configuration or operating system has changed.
[11:27:27] /usr/local/bin/test [ Warning ]
[11:27:27] Warning: The file '/usr/local/bin/test' exists on the system, but it is not present in the 'rkhunter.dat' file.
[11:27:28] /usr/sbin/adduser [ Warning ]
[11:27:28] Warning: The file properties have changed:
[11:27:28] File: /usr/sbin/adduser
[11:27:28] Current inode: 136452 Stored inode: 1191091
[11:27:28] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
[11:27:28] /usr/sbin/chroot [ Warning ]
[11:27:28] Warning: The file properties have changed:
[11:27:28] File: /usr/sbin/chroot
[11:27:28] Current inode: 136485 Stored inode: 1191110
[11:27:28] /usr/sbin/cron [ Warning ]
[11:27:28] Warning: The file properties have changed:
[11:27:28] File: /usr/sbin/cron
[11:27:28] Current inode: 136497 Stored inode: 1191120
[11:27:28] /usr/sbin/groupadd [ Warning ]
[11:27:28] Warning: The file properties have changed:
[11:27:28] File: /usr/sbin/groupadd
[11:27:28] Current hash: d703eec3ce7e9bc44ab21cb5fc7281654b108e145b85d61b88fa05dbfdb10df7
[11:27:28] Stored hash : 7274989b6b8e7ac8201b85139ed6b32fe2f9c8cc7313e38d2c12c9eee2fa5171
[11:27:28] Current inode: 136549 Stored inode: 1191146
[11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:29] /usr/sbin/groupdel [ Warning ]
[11:27:29] Warning: The file properties have changed:
[11:27:29] File: /usr/sbin/groupdel
[11:27:29] Current hash: 63850f994fdab68652e8be2eaaec667e4ab9f8583bf7be094d5f91e198b28c61
[11:27:29] Stored hash : c48d32fe2f4959167bd6bfc688c3cf29c2fcd2a6be9309114a0c6fa4422cd9d8
[11:27:29] Current inode: 136550 Stored inode: 1191147
[11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:29] /usr/sbin/groupmod [ Warning ]
[11:27:29] Warning: The file properties have changed:
[11:27:29] File: /usr/sbin/groupmod
[11:27:29] Current hash: 9efc88b57878fd98efdc9a98608d9b8950a7117db2a8081a2e0f6b96ace0a3f6
[11:27:29] Stored hash : af3e688333f0d859c7447f725567aad7ab9c763dcde90b9defb84aec4d84e1f2
[11:27:29] Current inode: 136552 Stored inode: 1191149
[11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:29] /usr/sbin/grpck [ Warning ]
[11:27:29] Warning: The file properties have changed:
[11:27:29] File: /usr/sbin/grpck
[11:27:29] Current hash: 259901c641944017deb7136da4d107e591390ee96925c2c99c5c8ac10f904d0c
[11:27:29] Stored hash : 8a6407b091487d2a30b52e69f15d8c1d5d873904b77c334c150deb0274e4583c
[11:27:29] Current inode: 136553 Stored inode: 1191150
[11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:29] /usr/sbin/nologin [ Warning ]
[11:27:29] Warning: The file properties have changed:
[11:27:29] File: /usr/sbin/nologin
[11:27:29] Current hash: 2e68cf7abbd5ebb85efb8443257f094d35871c0a3384ba71effea98edf517ea5
[11:27:29] Stored hash : b6a40cf6f883aa3f5042e54a4e7f455846e983fb3b1769caa580139cb4a0107f
[11:27:29] Current inode: 136638 Stored inode: 1191197
[11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:30] /usr/sbin/pwck [ Warning ]
[11:27:30] Warning: The file properties have changed:
[11:27:30] File: /usr/sbin/pwck
[11:27:30] Current hash: eb29cd40cb8b153c64704dcfcd31359440ee9efe362b86d3af04b4c8f8ff6e1a
[11:27:30] Stored hash : 2ee9608b222cf4ef2d8b1023a85f754d0a9bc0a07173634237ccf8ce0bbf0c14
[11:27:30] Current inode: 136678 Stored inode: 1191217
[11:27:30] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:30] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:30] /usr/sbin/rsyslogd [ Warning ]
[11:27:30] Warning: The file properties have changed:
[11:27:30] File: /usr/sbin/rsyslogd
[11:27:30] Current inode: 136704 Stored inode: 1191228
[11:27:30] /usr/sbin/sshd [ Warning ]
[11:27:30] Warning: The file '/usr/sbin/sshd' exists on the system, but it is not present in the 'rkhunter.dat' file.
[11:27:30] /usr/sbin/useradd [ Warning ]
[11:27:30] Warning: The file properties have changed:
[11:27:30] File: /usr/sbin/useradd
[11:27:30] Current hash: e808177cb21e2643fc90de0d714ab65b45e65d7805f0b72a192b204c29e737b1
[11:27:30] Stored hash : c8077e384aaeeb998b4af43b94783875778b7ee79d79406ec27af9a5148cb3ae
[11:27:30] Current inode: 136811 Stored inode: 1191277
[11:27:30] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:30] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:30] /usr/sbin/userdel [ Warning ]
[11:27:30] Warning: The file properties have changed:
[11:27:30] File: /usr/sbin/userdel
[11:27:30] Current hash: 4edf51b16552d105de39319e45625a77fe7ed5380f6499931990ed1da3f909ef
[11:27:30] Stored hash : 998156c0f1d53831a978ac8c1c7a0dcdf18f1f01e59eb38c0540a5db7b759595
[11:27:30] Current inode: 136812 Stored inode: 1191278
[11:27:30] Current size: 84464 Stored size: 84432
[11:27:30] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:30] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:31] /usr/sbin/usermod [ Warning ]
[11:27:31] Warning: The file properties have changed:
[11:27:31] File: /usr/sbin/usermod
[11:27:31] Current hash: a3648b87a7ab645e83f4990825f7710791264b307bf763377df8d8f2a6baf567
[11:27:31] Stored hash : 506e6ec1591e30a8b4084713a438955d411faf9362f54937c3cd19775c90c793
[11:27:31] Current inode: 136813 Stored inode: 1191279
[11:27:31] Current size: 126016 Stored size: 121920
[11:27:31] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:31] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:31] /usr/sbin/vipw [ Warning ]
[11:27:31] Warning: The file properties have changed:
[11:27:31] File: /usr/sbin/vipw
[11:27:31] Current hash: da23520ecb49bfbc96334e7361e26346d319c8fc37f64f9987275eb28d49d0fb
[11:27:31] Stored hash : 9ad29fc75e4804f85e027c7e9ecb4979da402438ec3a098829aa74cf0a5a0c72
[11:27:31] Current inode: 136823 Stored inode: 1191285
[11:27:31] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:31] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:31] /usr/sbin/unhide [ Warning ]
[11:27:31] Warning: The file properties have changed:
[11:27:31] File: /usr/sbin/unhide
[11:27:31] Current inode: 136768 Stored inode: 1202265
[11:27:31] Current file modification time: 1575280912 (02-dic-2019 11:01:52)
[11:27:31] Stored file modification time : 1446528173 (03-nov-2015 06:22:53)
[11:27:31] /usr/sbin/unhide-linux [ Warning ]
[11:27:31] Warning: The file properties have changed:
[11:27:31] File: /usr/sbin/unhide-linux
[11:27:31] Current inode: 136769 Stored inode: 1202263
[11:27:31] /usr/sbin/unhide-posix [ Warning ]
[11:27:31] Warning: The file properties have changed:
[11:27:31] File: /usr/sbin/unhide-posix
[11:27:31] Current inode: 136770 Stored inode: 1202262
[11:27:31] /usr/sbin/unhide-tcp [ Warning ]
[11:27:31] Warning: The file properties have changed:
[11:27:31] File: /usr/sbin/unhide-tcp
[11:27:31] Current inode: 136771 Stored inode: 1202261
[11:27:32] /usr/bin/awk [ Warning ]
[11:27:32] Warning: The file properties have changed:
[11:27:32] File: /usr/bin/awk
[11:27:32] Current inode: 36128 Stored inode: 1179758
[11:27:32] Current file modification time: 1575280750 (02-dic-2019 10:59:10)
[11:27:32] Stored file modification time : 1537264455 (18-set-2018 11:54:15)
[11:27:32] /usr/bin/basename [ Warning ]
[11:27:32] Warning: The file properties have changed:
[11:27:32] File: /usr/bin/basename
[11:27:32] Current inode: 36134 Stored inode: 1179762
[11:27:32] /usr/bin/chattr [ Warning ]
[11:27:32] Warning: The file properties have changed:
[11:27:32] File: /usr/bin/chattr
[11:27:32] Current hash: 94a9adea0a0701d36ee5adcecd25ea456f01aafe6d5e0a0f0a35fa43735c59c1
[11:27:32] Stored hash : 4bc88abb911956c5eba1837e8d3cb0a0240b8c0088cb8dd127baa7720d2e06a4
[11:27:32] Current inode: 36254 Stored inode: 1179827
[11:27:32] Current file modification time: 1569520918 (26-set-2019 20:01:58)
[11:27:32] Stored file modification time : 1521918808 (24-mar-2018 20:13:28)
[11:27:32] /usr/bin/cut [ Warning ]
[11:27:32] Warning: The file properties have changed:
[11:27:32] File: /usr/bin/cut
[11:27:32] Current inode: 36342 Stored inode: 1179883
[11:27:32] /usr/bin/diff [ Warning ]
[11:27:32] Warning: The file properties have changed:
[11:27:32] File: /usr/bin/diff
[11:27:32] Current inode: 36507 Stored inode: 1179921
[11:27:32] /usr/bin/dirname [ Warning ]
[11:27:32] Warning: The file properties have changed:
[11:27:32] File: /usr/bin/dirname
[11:27:32] Current inode: 36518 Stored inode: 1179928
[11:27:32] /usr/bin/dpkg [ Warning ]
[11:27:32] Warning: The file properties have changed:
[11:27:32] File: /usr/bin/dpkg
[11:27:32] Current hash: a04fbea36831ceb207e02daa0da2e7115718845fef5669c461124ec96a828b84
[11:27:32] Stored hash : d1c3e14626a37fb57330759403ceb97b0dd286d60e3cba3b6ee465144eba1de6
[11:27:32] Current inode: 36543 Stored inode: 1179935
[11:27:32] Current file modification time: 1567717514 (05-set-2019 23:05:14)
[11:27:32] Stored file modification time : 1523845521 (16-apr-2018 04:25:21)
[11:27:32] /usr/bin/dpkg-query [ Warning ]
[11:27:33] Warning: The file properties have changed:
[11:27:33] File: /usr/bin/dpkg-query
[11:27:33] Current hash: c030fd595169bfa22d07a6a63cae77530dec6b266b021ab5cb2dec709d5b9cd5
[11:27:33] Stored hash : 892302b08ca5fe3de11d19e3e1d2e294e095b26a9465589028ca26e448575621
[11:27:33] Current inode: 36561 Stored inode: 1179939
[11:27:33] Current file modification time: 1567717514 (05-set-2019 23:05:14)
[11:27:33] Stored file modification time : 1523845521 (16-apr-2018 04:25:21)
[11:27:33] /usr/bin/du [ Warning ]
[11:27:33] Warning: The file properties have changed:
[11:27:33] File: /usr/bin/du
[11:27:33] Current inode: 36576 Stored inode: 1179945
[11:27:33] /usr/bin/env [ Warning ]
[11:27:33] Warning: The file properties have changed:
[11:27:33] File: /usr/bin/env
[11:27:33] Current inode: 36607 Stored inode: 1179968
[11:27:33] /usr/bin/file [ Warning ]
[11:27:33] Warning: The file properties have changed:
[11:27:33] File: /usr/bin/file
[11:27:33] Current hash: 9b00a95411bbe2f806548bea61debe9df969bb6f995b4f2da9ded779344d298a
[11:27:33] Stored hash : e97ab1817c17511cb7cf3110997ceccb4baa587a7346ffb36fb2d103eb88f452
[11:27:33] Current inode: 36685 Stored inode: 1180002
[11:27:33] Current file modification time: 1572367819 (29-ott-2019 17:50:19)
[11:27:33] Stored file modification time : 1528909779 (13-giu-2018 19:09:39)
[11:27:33] /usr/bin/find [ Warning ]
[11:27:33] Warning: The file properties have changed:
[11:27:33] File: /usr/bin/find
[11:27:33] Current inode: 36690 Stored inode: 1180005
[11:27:33] /usr/bin/GET [ Warning ]
[11:27:33] Warning: The file properties have changed:
[11:27:33] File: /usr/bin/GET
[11:27:33] Current inode: 35982 Stored inode: 1179666
[11:27:33] Current file modification time: 1575280749 (02-dic-2019 10:59:09)
[11:27:33] Stored file modification time : 1537264455 (18-set-2018 11:54:15)
[11:27:33] /usr/bin/groups [ Warning ]
[11:27:33] Warning: The file properties have changed:
[11:27:33] File: /usr/bin/groups
[11:27:33] Current inode: 36918 Stored inode: 1180119
[11:27:33] /usr/bin/head [ Warning ]
[11:27:33] Warning: The file properties have changed:
[11:27:33] File: /usr/bin/head
[11:27:33] Current inode: 37037 Stored inode: 1180186
[11:27:34] /usr/bin/id [ Warning ]
[11:27:34] Warning: The file properties have changed:
[11:27:34] File: /usr/bin/id
[11:27:34] Current inode: 37114 Stored inode: 1180221
[11:27:34] /usr/bin/ipcs [ Warning ]
[11:27:34] Warning: The file properties have changed:
[11:27:34] File: /usr/bin/ipcs
[11:27:34] Current hash: b2c1d5345538fcf80018453f2788cd6bec9a92b8ad575ebc56271d88762da0ab
[11:27:34] Stored hash : 4b91575d65bd4b44c300a55c7c7474a5c4f158b72b7050d5bb7c094e030ef560
[11:27:34] Current inode: 37184 Stored inode: 1180272
[11:27:34] Current file modification time: 1566517666 (23-ago-2019 01:47:46)
[11:27:34] Stored file modification time : 1526467297 (16-mag-2018 12:41:37)
[11:27:34] /usr/bin/killall [ Warning ]
[11:27:34] Warning: The file properties have changed:
[11:27:34] File: /usr/bin/killall
[11:27:34] Current hash: ccfea15ea2ac5af918c4627bb7e43ad273ab96232bb886aa4578ccd990873c51
[11:27:34] Stored hash : 525efa977202c43ea5d8ce0d86a42bb34be77175d8ad066e00cba374e397074f
[11:27:34] Current inode: 37262 Stored inode: 1180323
[11:27:34] Current size: 27768 Stored size: 23704
[11:27:34] Current file modification time: 1544543164 (11-dic-2018 16:46:04)
[11:27:34] Stored file modification time : 1497560089 (15-giu-2017 22:54:49)
[11:27:34] /usr/bin/last [ Warning ]
[11:27:34] Warning: The file properties have changed:
[11:27:34] File: /usr/bin/last
[11:27:34] Current hash: d7eb312f42dcd0a6ad00372392aa70cb17a871333136fa78fd9009e406da1813
[11:27:34] Stored hash : 5ed758c30eb9db085fb0736e001463595e48600f71d15b956309ce35f9355a09
[11:27:34] Current inode: 37295 Stored inode: 1180329
[11:27:34] Current file modification time: 1566517666 (23-ago-2019 01:47:46)
[11:27:34] Stored file modification time : 1526467297 (16-mag-2018 12:41:37)
[11:27:34] /usr/bin/lastlog [ Warning ]
[11:27:34] Warning: The file properties have changed:
[11:27:34] File: /usr/bin/lastlog
[11:27:34] Current hash: a9af62859f4b8d8dfd76268e57587006da1a95f719554aa902e57bd41a7eab5a
[11:27:34] Stored hash : 90e9cdc574cd27261350582c05b883deff0f1430144c6619724b361bc566565b
[11:27:34] Current inode: 37297 Stored inode: 1180331
[11:27:34] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:34] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:34] /usr/bin/ldd [ Warning ]
[11:27:34] Warning: The file properties have changed:
[11:27:34] File: /usr/bin/ldd
[11:27:34] Current inode: 37308 Stored inode: 1180338
[11:27:34] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
[11:27:34] /usr/bin/less [ Warning ]
[11:27:34] Warning: The file properties have changed:
[11:27:34] File: /usr/bin/less
[11:27:34] Current inode: 37312 Stored inode: 1180340
[11:27:34] Current file modification time: 1575280753 (02-dic-2019 10:59:13)
[11:27:35] Stored file modification time : 1537264458 (18-set-2018 11:54:18)
[11:27:35] /usr/bin/locate [ Warning ]
[11:27:35] Warning: The file properties have changed:
[11:27:35] File: /usr/bin/locate
[11:27:35] Current inode: 37399 Stored inode: 1180372
[11:27:35] Current file modification time: 1575280753 (02-dic-2019 10:59:13)
[11:27:35] Stored file modification time : 1537264458 (18-set-2018 11:54:18)
[11:27:35] /usr/bin/logger [ Warning ]
[11:27:35] Warning: The file properties have changed:
[11:27:35] File: /usr/bin/logger
[11:27:35] Current hash: 2be57a5c524e722c08a74cdf5317775769a532919dad45923644f2a5d036304e
[11:27:35] Stored hash : 31581aeddd9b97d5fd22c0576ed602c170dc6c682703f9110324f4dc1d2d7103
[11:27:35] Current inode: 37400 Stored inode: 1180376
[11:27:35] Current file modification time: 1566517666 (23-ago-2019 01:47:46)
[11:27:35] Stored file modification time : 1526467297 (16-mag-2018 12:41:37)
[11:27:35] /usr/bin/lsattr [ Warning ]
[11:27:35] Warning: The file properties have changed:
[11:27:35] File: /usr/bin/lsattr
[11:27:35] Current hash: 9b93be49a51cc83829e4242e8c4d4bdca1a77e69dbe10b3767ee34dbe745101d
[11:27:35] Stored hash : 20b05f6fea4561c6e04095a38e6c1bca733f05222db317f2386f010452c180b9
[11:27:35] Current inode: 37415 Stored inode: 1180392
[11:27:35] Current file modification time: 1569520918 (26-set-2019 20:01:58)
[11:27:35] Stored file modification time : 1521918808 (24-mar-2018 20:13:28)
[11:27:35] /usr/bin/lsof [ Warning ]
[11:27:35] Warning: The file properties have changed:
[11:27:35] File: /usr/bin/lsof
[11:27:35] Current inode: 37427 Stored inode: 1180403
[11:27:35] /usr/bin/mail [ Warning ]
[11:27:35] Warning: The file properties have changed:
[11:27:35] File: /usr/bin/mail
[11:27:35] Current inode: 37466 Stored inode: 1204799
[11:27:35] Current file modification time: 1575280754 (02-dic-2019 10:59:14)
[11:27:35] Stored file modification time : 1537266339 (18-set-2018 12:25:39)
[11:27:35] /usr/bin/md5sum [ Warning ]
[11:27:35] Warning: The file properties have changed:
[11:27:35] File: /usr/bin/md5sum
[11:27:35] Current inode: 37560 Stored inode: 1180503
[11:27:35] /usr/bin/mlocate [ Warning ]
[11:27:35] Warning: The file properties have changed:
[11:27:35] File: /usr/bin/mlocate
[11:27:35] Current inode: 37619 Stored inode: 1180528
[11:27:36] /usr/bin/newgrp [ Warning ]
[11:27:36] Warning: The file properties have changed:
[11:27:36] File: /usr/bin/newgrp
[11:27:36] Current hash: 3117850ff94fbd09f49263c68001eb6603905aa1c07d137ec852031d873a4ab1
[11:27:36] Stored hash : a62482d823e335c9b113f78ddbe58d8d5561aea260f713f4cbf49bdb9e3e8f93
[11:27:36] Current inode: 37720 Stored inode: 1180585
[11:27:36] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:36] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:36] /usr/bin/passwd [ Warning ]
[11:27:36] Warning: The file properties have changed:
[11:27:36] File: /usr/bin/passwd
[11:27:36] Current hash: c9348d967627b73eeb06122ff0ca1955c870dc12a8ef1b8bc8001afa53430010
[11:27:36] Stored hash : 74d2ffc34d86ace2f5d9dabb95de8c75abe824cd6cfc871d89faf65696241d2e
[11:27:36] Current inode: 37834 Stored inode: 1180650
[11:27:36] Current file modification time: 1553281538 (22-mar-2019 20:05:38)
[11:27:36] Stored file modification time : 1516892962 (25-gen-2018 16:09:22)
[11:27:36] /usr/bin/perl [ Warning ]
[11:27:36] Warning: The file properties have changed:
[11:27:36] File: /usr/bin/perl
[11:27:36] Current hash: 7fbeda223ca9054154cb56e47464b5a75ebbd1a0e176f4234a3a522a48092ef4
[11:27:36] Stored hash : bb206ce5ddccbb2f070b0e46f584c07bc22dd050c308e47eb7e0b55a40afba0e
[11:27:36] Current inode: 37919 Stored inode: 1180714
[11:27:36] Current size: 2097720 Stored size: 2093624
[11:27:36] Current file modification time: 1542642884 (19-nov-2018 16:54:44)
[11:27:36] Stored file modification time : 1531923663 (18-lug-2018 16:21:03)
[11:27:36] /usr/bin/pgrep [ Warning ]
[11:27:36] Warning: The file properties have changed:
[11:27:36] File: /usr/bin/pgrep
[11:27:36] Current hash: 607d268539f5073d67973cfac72f6ed116fee89f97ff0eb3f2ea60cbf3f168da
[11:27:36] Stored hash : 52086dbdb63bf01bc6c247470a895ac1925bbd1de6452a256cdbaaa48d8e3ef7
[11:27:36] Current inode: 37953 Stored inode: 1180741
[11:27:36] Current file modification time: 1565365047 (09-ago-2019 17:37:27)
[11:27:36] Stored file modification time : 1526299300 (14-mag-2018 14:01:40)
[11:27:36] /usr/bin/pkill [ Warning ]
[11:27:36] Warning: The file properties have changed:
[11:27:36] File: /usr/bin/pkill
[11:27:36] Current hash: 607d268539f5073d67973cfac72f6ed116fee89f97ff0eb3f2ea60cbf3f168da
[11:27:36] Stored hash : 52086dbdb63bf01bc6c247470a895ac1925bbd1de6452a256cdbaaa48d8e3ef7
[11:27:36] Current inode: 37975 Stored inode: 1180758
[11:27:36] Current file modification time: 1575280755 (02-dic-2019 10:59:15)
[11:27:36] Stored file modification time : 1537264458 (18-set-2018 11:54:18)
[11:27:36] /usr/bin/pstree [ Warning ]
[11:27:36] Warning: The file properties have changed:
[11:27:36] File: /usr/bin/pstree
[11:27:36] Current hash: 3ebb6d41888a42802e43416e85fbece5f83bcf02dd1614d2933c766207c12a28
[11:27:36] Stored hash : 5ba6189beead12a699ffb5e4b1a8fb7ae88f56981e948cb7c7c15776e4f4f63e
[11:27:36] Current inode: 38183 Stored inode: 1180928
[11:27:37] Current file modification time: 1544543164 (11-dic-2018 16:46:04)
[11:27:37] Stored file modification time : 1497560089 (15-giu-2017 22:54:49)
[11:27:37] /usr/bin/rkhunter [ Warning ]
[11:27:37] Warning: The file properties have changed:
[11:27:37] File: /usr/bin/rkhunter
[11:27:37] Current inode: 38384 Stored inode: 1190555
[11:27:37] /usr/bin/rpm [ Warning ]
[11:27:37] Warning: The file '/usr/bin/rpm' exists on the system, but it is not present in the 'rkhunter.dat' file.
[11:27:37] /usr/bin/runcon [ Warning ]
[11:27:37] Warning: The file properties have changed:
[11:27:37] File: /usr/bin/runcon
[11:27:37] Current inode: 38429 Stored inode: 1181046
[11:27:37] /usr/bin/sha1sum [ Warning ]
[11:27:37] Warning: The file properties have changed:
[11:27:37] File: /usr/bin/sha1sum
[11:27:37] Current inode: 38592 Stored inode: 1181099
[11:27:37] /usr/bin/sha224sum [ Warning ]
[11:27:37] Warning: The file properties have changed:
[11:27:37] File: /usr/bin/sha224sum
[11:27:37] Current inode: 38593 Stored inode: 1181100
[11:27:37] /usr/bin/sha256sum [ Warning ]
[11:27:37] Warning: The file properties have changed:
[11:27:37] File: /usr/bin/sha256sum
[11:27:37] Current inode: 38595 Stored inode: 1181101
[11:27:37] /usr/bin/sha384sum [ Warning ]
[11:27:37] Warning: The file properties have changed:
[11:27:37] File: /usr/bin/sha384sum
[11:27:37] Current inode: 38596 Stored inode: 1181102
[11:27:37] /usr/bin/sha512sum [ Warning ]
[11:27:37] Warning: The file properties have changed:
[11:27:37] File: /usr/bin/sha512sum
[11:27:37] Current inode: 38597 Stored inode: 1181103
[11:27:37] /usr/bin/size [ Warning ]
[11:27:37] Warning: The file properties have changed:
[11:27:37] File: /usr/bin/size
[11:27:38] Current hash: b66bd6da04e6064cab25596c7f0c0153508c6b324abad4b0daff90656a5d6a23
[11:27:38] Stored hash : 6b478d3775e102443e90fecc81069f6a400303f9dafa46aad3510bb7af7aad88
[11:27:38] Current inode: 38616 Stored inode: 1181114
[11:27:38] Current file modification time: 1575280756 (02-dic-2019 10:59:16)
[11:27:38] Stored file modification time : 1537264459 (18-set-2018 11:54:19)
[11:27:38] /usr/bin/sort [ Warning ]
[11:27:38] Warning: The file properties have changed:
[11:27:38] File: /usr/bin/sort
[11:27:38] Current inode: 38646 Stored inode: 1181138
[11:27:38] /usr/bin/ssh [ Warning ]
[11:27:38] Warning: The file properties have changed:
[11:27:38] File: /usr/bin/ssh
[11:27:38] Current hash: 7488a0b216c6aba596790344a6521d65b6736b88d2871a4e8b51d8e28b211136
[11:27:38] Stored hash : 645effa85ccbe0d812ab4f2d4abdb4519c7c916e56c5fd95801f56b14ec4a5c1
[11:27:38] Current inode: 38672 Stored inode: 1181155
[11:27:38] Current file modification time: 1551701871 (04-mar-2019 13:17:51)
[11:27:38] Stored file modification time : 1518229906 (10-feb-2018 03:31:46)
[11:27:38] /usr/bin/stat [ Warning ]
[11:27:38] Warning: The file properties have changed:
[11:27:38] File: /usr/bin/stat
[11:27:38] Current inode: 38687 Stored inode: 1181165
[11:27:38] /usr/bin/strace [ Warning ]
[11:27:38] Warning: The file properties have changed:
[11:27:38] File: /usr/bin/strace
[11:27:38] Current inode: 38693 Stored inode: 1181167
[11:27:38] /usr/bin/strings [ Warning ]
[11:27:38] Warning: The file properties have changed:
[11:27:38] File: /usr/bin/strings
[11:27:38] Current hash: 8ceeb25efb3e3708f2d750ea5eb6131de28e624b0c686501e43d9bef170acb58
[11:27:38] Stored hash : 9458ff5dd79759dc41788d91d15cb5d309bf1b25e3a439bc3d6ca6e3e7652d23
[11:27:38] Current inode: 38698 Stored inode: 1181172
[11:27:38] Current file modification time: 1575280757 (02-dic-2019 10:59:17)
[11:27:38] Stored file modification time : 1537264459 (18-set-2018 11:54:19)
[11:27:38] /usr/bin/sudo [ Warning ]
[11:27:38] Warning: The file properties have changed:
[11:27:38] File: /usr/bin/sudo
[11:27:38] Current hash: 1b8166f0cd692b5d2474318e0d4b4534283339c05f5d73b125370994ac9f17fc
[11:27:38] Stored hash : 9c7364b3d17e6aeaf5299b2b1589808ebb01d9a8757fd7d495137eea1e1a438e
[11:27:38] Current inode: 38702 Stored inode: 1181175
[11:27:38] Current file modification time: 1570732379 (10-ott-2019 20:32:59)
[11:27:38] Stored file modification time : 1516234096 (18-gen-2018 01:08:16)
[11:27:38] /usr/bin/tail [ Warning ]
[11:27:38] Warning: The file properties have changed:
[11:27:38] File: /usr/bin/tail
[11:27:38] Current inode: 38746 Stored inode: 1181206
[11:27:39] /usr/bin/telnet [ Warning ]
[11:27:39] Warning: The file properties have changed:
[11:27:39] File: /usr/bin/telnet
[11:27:39] Current inode: 38767 Stored inode: 1181210
[11:27:39] Current file modification time: 1575280757 (02-dic-2019 10:59:17)
[11:27:39] Stored file modification time : 1537264459 (18-set-2018 11:54:19)
[11:27:39] /usr/bin/test [ Warning ]
[11:27:39] Warning: The file properties have changed:
[11:27:39] File: /usr/bin/test
[11:27:39] Current inode: 38769 Stored inode: 1181212
[11:27:39] /usr/bin/top [ Warning ]
[11:27:39] Warning: The file properties have changed:
[11:27:39] File: /usr/bin/top
[11:27:39] Current hash: 29615b5441c4ebdd6bb1e7e3301aa5f4313b326ee009645cef443fb7bab3e1e0
[11:27:39] Stored hash : 556870c813935685d5a7e9b89ec93956937037226bbf3732adebad7338795886
[11:27:39] Current inode: 38795 Stored inode: 1181232
[11:27:39] Current file modification time: 1565365047 (09-ago-2019 17:37:27)
[11:27:39] Stored file modification time : 1526299300 (14-mag-2018 14:01:40)
[11:27:39] /usr/bin/touch [ Warning ]
[11:27:39] Warning: The file properties have changed:
[11:27:39] File: /usr/bin/touch
[11:27:39] Current inode: 38796 Stored inode: 1181233
[11:27:39] Current file modification time: 1575280757 (02-dic-2019 10:59:17)
[11:27:39] Stored file modification time : 1537264459 (18-set-2018 11:54:19)
[11:27:39] /usr/bin/tr [ Warning ]
[11:27:39] Warning: The file properties have changed:
[11:27:39] File: /usr/bin/tr
[11:27:39] Current inode: 38798 Stored inode: 1181235
[11:27:39] /usr/bin/uniq [ Warning ]
[11:27:39] Warning: The file properties have changed:
[11:27:39] File: /usr/bin/uniq
[11:27:39] Current inode: 38852 Stored inode: 1181273
[11:27:39] /usr/bin/users [ Warning ]
[11:27:39] Warning: The file properties have changed:
[11:27:39] File: /usr/bin/users
[11:27:39] Current inode: 38885 Stored inode: 1181301
[11:27:39] /usr/bin/vmstat [ Warning ]
[11:27:39] Warning: The file properties have changed:
[11:27:39] File: /usr/bin/vmstat
[11:27:39] Current hash: 04e9c1121391cd6f6c8e8290d86a692185f50374a1904e848af1937acc6486ac
[11:27:39] Stored hash : 6ecb62ad8bfba3d08a057ff3bbb171051f62e5dae7f0acdab29eb24ba3724847
[11:27:39] Current inode: 38911 Stored inode: 1181314
[11:27:39] Current file modification time: 1565365047 (09-ago-2019 17:37:27)
[11:27:39] Stored file modification time : 1526299300 (14-mag-2018 14:01:40)
[11:27:40] /usr/bin/w [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/w
[11:27:40] Current hash: 7d3bb116f62c76aa011b39d993ed77216b38eb21bd3463b61bad8b97248b8e01
[11:27:40] Stored hash : e10c6009edc0c360c654601cf6d7d0b0daf344ca8ac49504105a297af8be688e
[11:27:40] Current inode: 38917 Stored inode: 1181318
[11:27:40] Current file modification time: 1575280758 (02-dic-2019 10:59:18)
[11:27:40] Stored file modification time : 1537264459 (18-set-2018 11:54:19)
[11:27:40] /usr/bin/watch [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/watch
[11:27:40] Current hash: 9ff08f1ffe442ba6d08a715d0464e441938f1f634c6b6f43be55f52d7969507b
[11:27:40] Stored hash : e1b67849062109fd845612d5203709e5b62cd799a180a3be27246d5f24da7d46
[11:27:40] Current inode: 38923 Stored inode: 1181321
[11:27:40] Current file modification time: 1565365047 (09-ago-2019 17:37:27)
[11:27:40] Stored file modification time : 1526299300 (14-mag-2018 14:01:40)
[11:27:40] /usr/bin/wc [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/wc
[11:27:40] Current inode: 38927 Stored inode: 1181324
[11:27:40] /usr/bin/wget [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/wget
[11:27:40] Current hash: 0f2b21e911bd10d795a110af7901d7860228f63cf14594ecbfb397e66000b4ae
[11:27:40] Stored hash : 8b08160118a05cc01ba0a06217ea2266c3acc53fd57b1fe0f7c47d4b84c3a571
[11:27:40] Current inode: 38931 Stored inode: 1181325
[11:27:40] Current file modification time: 1554749510 (08-apr-2019 20:51:50)
[11:27:40] Stored file modification time : 1525798921 (08-mag-2018 19:02:01)
[11:27:40] /usr/bin/whatis [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/whatis
[11:27:40] Current hash: 4db12b03ae8a2b9bfdb8d275f71d60b08cf0cc6b92c13062f87960e98d34fc60
[11:27:40] Stored hash : 9dca55b557385e2d7c47ba16372703ce1b1d7b80c5576ac5bd68c40e892e7353
[11:27:40] Current inode: 38933 Stored inode: 1181326
[11:27:40] Current file modification time: 1533410172 (04-ago-2018 21:16:12)
[11:27:40] Stored file modification time : 1523099733 (07-apr-2018 13:15:33)
[11:27:40] /usr/bin/whereis [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/whereis
[11:27:40] Current hash: 80be7b9256ed74d577b8d7389542b224923aec50ced043fca32c64af7c2f25eb
[11:27:40] Stored hash : fc1f9b41b89520db6267dfeb5e4a944e7de8581bea089fba05fa41ebe112b028
[11:27:40] Current inode: 38934 Stored inode: 1181327
[11:27:40] Current file modification time: 1566517666 (23-ago-2019 01:47:46)
[11:27:40] Stored file modification time : 1526467297 (16-mag-2018 12:41:37)
[11:27:40] /usr/bin/which [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/which
[11:27:40] Current inode: 38935 Stored inode: 1181328
[11:27:40] Current file modification time: 1575280758 (02-dic-2019 10:59:18)
[11:27:40] Stored file modification time : 1537264459 (18-set-2018 11:54:19)
[11:27:41] /usr/bin/who [ Warning ]
[11:27:41] Warning: The file properties have changed:
[11:27:41] File: /usr/bin/who
[11:27:41] Current inode: 38937 Stored inode: 1181329
[11:27:41] /usr/bin/whoami [ Warning ]
[11:27:41] Warning: The file properties have changed:
[11:27:41] File: /usr/bin/whoami
[11:27:41] Current inode: 38940 Stored inode: 1181330
[11:27:41] /usr/bin/numfmt [ Warning ]
[11:27:41] Warning: The file properties have changed:
[11:27:41] File: /usr/bin/numfmt
[11:27:41] Current inode: 37754 Stored inode: 1180608
[11:27:41] /usr/bin/gawk [ Warning ]
[11:27:41] Warning: The file properties have changed:
[11:27:41] File: /usr/bin/gawk
[11:27:41] Current inode: 36759 Stored inode: 1180050
[11:27:41] /usr/bin/lwp-request [ Warning ]
[11:27:41] Warning: The file properties have changed:
[11:27:41] File: /usr/bin/lwp-request
[11:27:41] Current inode: 37441 Stored inode: 1180413
[11:27:41] Current file modification time: 1558428953 (21-mag-2019 10:55:53)
[11:27:41] Stored file modification time : 1514315302 (26-dic-2017 20:08:22)
[11:27:41] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable
[11:27:41] /usr/bin/mail.mailutils [ Warning ]
[11:27:41] Warning: The file properties have changed:
[11:27:41] File: /usr/bin/mail.mailutils
[11:27:41] Current inode: 37467 Stored inode: 1203803
[11:27:41] /usr/bin/x86_64-linux-gnu-size [ Warning ]
[11:27:41] Warning: The file properties have changed:
[11:27:41] File: /usr/bin/x86_64-linux-gnu-size
[11:27:41] Current hash: b66bd6da04e6064cab25596c7f0c0153508c6b324abad4b0daff90656a5d6a23
[11:27:41] Stored hash : 6b478d3775e102443e90fecc81069f6a400303f9dafa46aad3510bb7af7aad88
[11:27:41] Current inode: 39017 Stored inode: 1181364
[11:27:41] Current file modification time: 1557303247 (08-mag-2019 10:14:07)
[11:27:41] Stored file modification time : 1526498451 (16-mag-2018 21:20:51)
[11:27:41] /usr/bin/x86_64-linux-gnu-strings [ Warning ]
[11:27:41] Warning: The file properties have changed:
[11:27:41] File: /usr/bin/x86_64-linux-gnu-strings
[11:27:41] Current hash: 8ceeb25efb3e3708f2d750ea5eb6131de28e624b0c686501e43d9bef170acb58
[11:27:41] Stored hash : 9458ff5dd79759dc41788d91d15cb5d309bf1b25e3a439bc3d6ca6e3e7652d23
[11:27:41] Current inode: 39018 Stored inode: 1181365
[11:27:41] Current file modification time: 1557303247 (08-mag-2019 10:14:07)
[11:27:42] Stored file modification time : 1526498451 (16-mag-2018 21:20:51)
[11:27:42] /usr/bin/telnet.netkit [ Warning ]
[11:27:42] Warning: The file properties have changed:
[11:27:42] File: /usr/bin/telnet.netkit
[11:27:42] Current inode: 38768 Stored inode: 1181211
[11:27:42] /usr/bin/w.procps [ Warning ]
[11:27:42] Warning: The file properties have changed:
[11:27:42] File: /usr/bin/w.procps
[11:27:42] Current hash: 7d3bb116f62c76aa011b39d993ed77216b38eb21bd3463b61bad8b97248b8e01
[11:27:42] Stored hash : e10c6009edc0c360c654601cf6d7d0b0daf344ca8ac49504105a297af8be688e
[11:27:42] Current inode: 38918 Stored inode: 1181319
[11:27:42] Current file modification time: 1565365047 (09-ago-2019 17:37:27)
[11:27:42] Stored file modification time : 1526299300 (14-mag-2018 14:01:40)
[11:27:42] /sbin/depmod [ Warning ]
[11:27:42] Warning: The file properties have changed:
[11:27:42] File: /sbin/depmod
[11:27:42] Current hash: 31e9e2579309d2c68a812d63710cb8257601970bb73344b5ff454d362bde1695
[11:27:42] Stored hash : f06728a3741cb68fc8e57972fbf34136ee4e754c3e65d7189805b06ec1193fa3
[11:27:42] Current inode: 35711 Stored inode: 131297
[11:27:42] Current file modification time: 1575280748 (02-dic-2019 10:59:08)
[11:27:42] Stored file modification time : 1537264454 (18-set-2018 11:54:14)
[11:27:42] /sbin/fsck
Hason:
Code:
Second part of the unmodified rkhunter run:
[11:29:33] Info: Starting test name 'malware'
[11:29:33] Performing malware checks
[11:29:33]
[11:29:33] Info: Test 'deleted_files' disabled at users request.
[11:29:33]
[11:29:33] Info: Starting test name 'running_procs'
[11:29:37] Checking running processes for suspicious files [ None found ]
[11:29:37]
[11:29:37] Info: Test 'hidden_procs' disabled at users request.
[11:29:38]
[11:29:38] Info: Test 'suspscan' disabled at users request.
[11:29:38]
[11:29:38] Info: Starting test name 'login_backdoors'
[11:29:38] Checking for '/bin/.login' [ Not found ]
[11:29:38] Checking for '/sbin/.login' [ Not found ]
[11:29:38] Checking for login backdoors [ None found ]
[11:29:38]
[11:29:38] Info: Starting test name 'sniffer_logs'
[11:29:38] Checking for file '/usr/lib/libice.log' [ Not found ]
[11:29:38] Checking for file '/dev/prom/sn.l' [ Not found ]
[11:29:38] Checking for file '/dev/fd/.88/zxsniff.log' [ Not found ]
[11:29:38] Checking for sniffer log files [ None found ]
[11:29:38]
[11:29:38] Info: Starting test name 'tripwire'
[11:29:38] Checking for software intrusions [ Skipped ]
[11:29:38] Info: Check skipped - tripwire not installed
[11:29:38]
[11:29:38] Info: Starting test name 'susp_dirs'
[11:29:38] Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ]
[11:29:38] Checking for directory '/dev/rd/cdb' [ Not found ]
[11:29:38] Checking for suspicious directories [ None found ]
[11:29:38]
[11:29:38] Info: Starting test name 'ipc_shared_mem'
[11:29:38] Info: The minimum shared memory segment size to be checked (in bytes): 1048576 (1,0MB)
[11:29:38] Checking for suspicious (large) shared memory segments [ Warning ]
[11:29:38] Warning: The following suspicious (large) shared memory segments have been found:
[11:29:38] Process: /usr/bin/mate-panel PID: 11695 Owner: caine Size: 64MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/bin/caja PID: 11803 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/bin/caja PID: 11803 Owner: caine Size: 64MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/bin/marco PID: 11688 Owner: caine Size: 2,0MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/bin/mate-terminal PID: 16249 Owner: root Size: 4,0MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/bin/gnome-disks PID: 24461 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/bin/mate-terminal PID: 16524 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB)
[11:29:38] Process: /usr/bin/caja PID: 23540 Owner: root Size: 8,0MB (configured size allowed: 1,0MB)
[11:29:38]
[11:29:38] Info: Starting test name 'trojans'
[11:29:38] Performing trojan specific checks
[11:29:38] Checking for enabled inetd services [ Skipped ]
[11:29:38] Info: Check skipped - file '/etc/inetd.conf' does not exist.
[11:29:38] Checking for enabled xinetd services [ Skipped ]
[11:29:38] Info: Check skipped - file '/etc/xinetd.conf' does not exist.
[11:29:38] Checking for Apache backdoor [ Skipped ]
[11:29:38] Info: Check skipped - no Apache module or configuration directories found.
[11:29:38]
[11:29:38] Info: Starting test name 'os_specific'
[11:29:38] Performing Linux specific checks
[11:29:38] Checking loaded kernel modules [ OK ]
[11:29:38] Info: Using modules pathname of '/lib/modules/5.0.0-32-generic'
[11:29:39] Checking kernel module names [ OK ]
[11:30:36]
[11:30:36] Info: Starting test name 'network'
[11:30:36] Checking the network...
[11:30:36]
[11:30:36] Performing checks on the network ports
[11:30:36] Info: Starting test name 'ports'
[11:30:36] Performing check for backdoor ports
[11:30:36] Checking for TCP port 1524 [ Not found ]
[11:30:36] Checking for TCP port 1984 [ Not found ]
[11:30:36] Checking for UDP port 2001 [ Not found ]
[11:30:37] Checking for TCP port 2006 [ Not found ]
[11:30:37] Checking for TCP port 2128 [ Not found ]
[11:30:37] Checking for TCP port 6666 [ Not found ]
[11:30:37] Checking for TCP port 6667 [ Not found ]
[11:30:37] Checking for TCP port 6668 [ Not found ]
[11:30:37] Checking for TCP port 6669 [ Not found ]
[11:30:37] Checking for TCP port 7000 [ Not found ]
[11:30:37] Checking for TCP port 13000 [ Not found ]
[11:30:37] Checking for TCP port 14856 [ Not found ]
[11:30:37] Checking for TCP port 25000 [ Not found ]
[11:30:37] Checking for TCP port 29812 [ Not found ]
[11:30:37] Checking for TCP port 31337 [ Not found ]
[11:30:37] Checking for TCP port 32982 [ Not found ]
[11:30:37] Checking for TCP port 33369 [ Not found ]
[11:30:37] Checking for TCP port 47107 [ Not found ]
[11:30:38] Checking for TCP port 47018 [ Not found ]
[11:30:38] Checking for TCP port 60922 [ Not found ]
[11:30:38] Checking for TCP port 62883 [ Not found ]
[11:30:38] Checking for TCP port 65535 [ Not found ]
[11:30:38] Checking for backdoor ports [ None found ]
[11:30:38]
[11:30:38] Info: Test 'hidden_ports' disabled at users request.
[11:30:38]
[11:30:38] Performing checks on the network interfaces
[11:30:38] Info: Starting test name 'promisc'
[11:30:38] Checking for promiscuous interfaces [ None found ]
[11:30:38]
[11:30:38] Info: Test 'packet_cap_apps' disabled at users request.
[11:30:38]
[11:30:38] Info: Starting test name 'local_host'
[11:30:38] Checking the local host...
[11:30:38]
[11:30:38] Info: Starting test name 'startup_files'
[11:30:38] Performing system boot checks
[11:30:38] Checking for local host name [ Found ]
[11:30:38]
[11:30:38] Info: Starting test name 'startup_malware'
[11:30:38] Checking for system startup files [ Found ]
[11:30:40] Checking system startup files for malware [ None found ]
[11:30:40]
[11:30:40] Info: Starting test name 'group_accounts'
[11:30:40] Performing group and account checks
[11:30:40] Checking for passwd file [ Found ]
[11:30:40] Info: Found password file: /etc/passwd
[11:30:40] Checking for root equivalent (UID 0) accounts [ None found ]
[11:30:40] Info: Found shadow file: /etc/shadow
[11:30:40] Checking for passwordless accounts [ Warning ]
[11:30:40] Warning: Found passwordless account in shadow file: caine
[11:30:40]
[11:30:40] Info: Starting test name 'passwd_changes'
[11:30:40] Checking for passwd file changes [ None found ]
[11:30:40]
[11:30:40] Info: Starting test name 'group_changes'
[11:30:40] Checking for group file changes [ None found ]
[11:30:40] Checking root account shell history files [ OK ]
[11:30:40]
[11:30:40] Info: Starting test name 'system_configs'
[11:30:40] Performing system configuration file checks
[11:30:40]
[11:30:40] Info: Starting test name 'system_configs_ssh'
[11:30:40] Checking for an SSH configuration file [ Found ]
[11:30:40] Info: Found an SSH configuration file: /etc/ssh/sshd_config
[11:30:40] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
[11:30:40] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'.
[11:30:40] Checking if SSH root access is allowed [ Warning ]
[11:30:40] Warning: The SSH configuration option 'PermitRootLogin' has not been set.
The default value may be 'yes', to allow root access.
[11:30:40] Checking if SSH protocol v1 is allowed [ Not set ]
[11:30:40] Checking for other suspicious configuration settings [ None found ]
[11:30:40]
[11:30:40] Info: Starting test name 'system_configs_syslog'
[11:30:40] Checking for a running system logging daemon [ Found ]
[11:30:40] Info: A running 'rsyslog' daemon has been found.
[11:30:40] Info: A running 'systemd-journald' daemon has been found.
[11:30:40] Info: Found an rsyslog configuration file: /etc/rsyslog.conf
[11:30:40] Info: Found a systemd configuration file: /etc/systemd/journald.conf
[11:30:41] Checking for a system logging configuration file [ Found ]
[11:30:41] Checking if syslog remote logging is allowed [ Not allowed ]
[11:30:41]
[11:30:41] Info: Starting test name 'filesystem'
[11:30:41] Performing filesystem checks
[11:30:41] Info: SCAN_MODE_DEV set to 'THOROUGH'
[11:30:43] Checking /dev for suspicious file types [ None found ]
[11:30:43] Checking for hidden files and directories [ Warning ]
[11:30:43] Warning: Hidden directory found: /etc/.java
[11:30:43] Checking for missing log files [ Skipped ]
[11:30:43] Info: No missing log file names configured.
[11:30:43] Checking for empty log files [ Skipped ]
[11:30:43] Info: No empty log file names configured.
[11:34:53]
[11:34:53] Info: Test 'apps' disabled at users request.
[11:34:53]
[11:34:53] System checks summary
[11:34:53] =====================
[11:34:53]
[11:34:53] File properties checks...
[11:34:53] Required commands check failed
[11:34:53] Files checked: 152
[11:34:53] Suspect files: 152
[11:34:53]
[11:34:53] Rootkit checks...
[11:34:53] Rootkits checked : 500
[11:34:53] Possible rootkits: 12
[11:34:53]
[11:34:53] Applications checks...
[11:34:53] All checks skipped
[11:34:53]
[11:34:53] The system checks took: 7 minutes and 30 seconds
[11:34:53]
[11:34:53] Info: End date is gio 23 giu 2022, 11.34.53, CEST
OK, this is the first log, with rkhunter unmodified. It throws a lot of warnings and 12 possible rootkits. In the next post I'll put the analysis with rkhunter fixed: almost all the warnings disappear, it still flags a few, and the possible rootkits are still there.
I'll continue.
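As an added example (not part of the posts and not rkhunter's own code), this is one way to triage the "The file properties have changed" warnings from the first log: it separates files whose hash differs from files where only the inode or modification time differs, and flags the case where every record has a different inode. The function names and the `baseline_mismatch` heuristic are assumptions of this example, and the sample log is constructed in the format shown in the thread.

```python
import re

TS = re.compile(r"^\[\d{2}:\d{2}:\d{2}\]\s*")   # leading "[hh:mm:ss]"
FILE = re.compile(r"File:\s*(\S+)")
HASH = re.compile(r"(Current|Stored) hash\s*:\s*([0-9a-fA-F]+)")
INODE = re.compile(r"Current inode:\s*(\d+)\s+Stored inode:\s*(\d+)")
MTIME = re.compile(r"(Current|Stored) file modification time\s*:\s*(\d+)")
STATUS = re.compile(r"\[ [A-Za-z ]+ \]$")        # e.g. "/usr/bin/wc [ Warning ]"

# Constructed sample in the layout of the log above; all values are made up.
SAMPLE_LOG = """\
[11:27:40] /usr/bin/w [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/w
[11:27:40] Current hash: aaaa1111
[11:27:40] Stored hash : bbbb2222
[11:27:40] Current inode: 100 Stored inode: 900100
[11:27:40] Current file modification time: 1575280758 (02-dic-2019 10:59:18)
[11:27:40] Stored file modification time : 1537264459 (18-set-2018 11:54:19)
[11:27:40] /usr/bin/wc [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/wc
[11:27:40] Current inode: 101 Stored inode: 900101
[11:27:40] /usr/bin/which [ Warning ]
[11:27:40] Warning: The file properties have changed:
[11:27:40] File: /usr/bin/which
[11:27:40] Current inode: 102 Stored inode: 900102
[11:27:40] Current file modification time: 1575280758 (02-dic-2019 10:59:18)
[11:27:40] Stored file modification time : 1537264459 (18-set-2018 11:54:19)
[11:27:41] /usr/bin/who [ OK ]
"""


def parse_property_warnings(log_text):
    """Return one record per 'File:' entry with the Current/Stored values seen."""
    records, rec = [], None
    for raw in log_text.splitlines():
        line = TS.sub("", raw.strip())
        m = FILE.match(line)
        if m:                                    # a new warning record starts
            rec = {"file": m.group(1), "hash": {}, "inode": {}, "mtime": {}}
            records.append(rec)
        elif rec is not None:
            if (m := HASH.match(line)):
                rec["hash"][m.group(1)] = m.group(2).lower()
            elif (m := MTIME.match(line)):
                rec["mtime"][m.group(1)] = int(m.group(2))
            elif (m := INODE.match(line)):
                rec["inode"] = {"Current": int(m.group(1)),
                                "Stored": int(m.group(2))}
            elif STATUS.search(line):            # next "path [ Status ]" line
                rec = None
    return records


def changed_fields(rec):
    """Fields for which both values were logged and they differ."""
    return frozenset(
        k for k in ("hash", "inode", "mtime")
        if len(rec[k]) == 2 and rec[k]["Current"] != rec[k]["Stored"]
    )


def triage(log_text):
    """Split warnings into content changes and metadata-only changes."""
    records = parse_property_warnings(log_text)
    content, metadata = [], []
    for rec in records:
        target = content if "hash" in changed_fields(rec) else metadata
        target.append(rec["file"])
    # Heuristic (assumption of this example): if every flagged file has a
    # different inode, the stored baseline was probably taken on another
    # filesystem or installation, so inode warnings carry no signal.
    mismatch = bool(records) and all(
        "inode" in changed_fields(r) for r in records
    )
    return {
        "content_changed": content,
        "metadata_only": metadata,
        "baseline_mismatch": mismatch,
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("hash differs      :", result["content_changed"])
    print("metadata only     :", result["metadata_only"])
    print("baseline mismatch :", result["baseline_mismatch"])
```

When `baseline_mismatch` is true, the inode warnings alone say nothing either way. The files under `content_changed` are the ones to verify against the package manager (for example `dpkg --verify` on a Debian-based system) before the baseline is refreshed with `rkhunter --propupd`.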
Hason:
Code:
[11:45:22] Info: Starting test name 'properties'
[11:45:22] Performing file properties checks
[11:45:22] Warning: Checking for prerequisites [ Warning ]
[11:45:22] No output from the 'lsattr' command - all file immutable-bit checks will be skipped.
[11:45:24] /usr/local/bin/test [ OK ]
[11:45:25] /usr/sbin/adduser [ OK ]
[11:45:25] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
[11:45:25] /usr/sbin/chroot [ OK ]
[11:45:25] /usr/sbin/cron [ OK ]
[11:45:25] /usr/sbin/groupadd [ OK ]
[11:45:25] /usr/sbin/groupdel [ OK ]
[11:45:25] /usr/sbin/groupmod [ OK ]
[11:45:25] /usr/sbin/grpck [ OK ]
[11:45:26] /usr/sbin/nologin [ OK ]
[11:45:26] /usr/sbin/pwck [ OK ]
[11:45:26] /usr/sbin/rsyslogd [ OK ]
[11:45:26] /usr/sbin/sshd [ OK ]
[11:45:26] /usr/sbin/useradd [ OK ]
[11:45:27] /usr/sbin/userdel [ OK ]
[11:45:27] /usr/sbin/usermod [ OK ]
[11:45:27] /usr/sbin/vipw [ OK ]
[11:45:27] /usr/sbin/unhide [ OK ]
[11:45:27] /usr/sbin/unhide-linux [ OK ]
[11:45:27] /usr/sbin/unhide-posix [ OK ]
[11:45:27] /usr/sbin/unhide-tcp [ OK ]
[11:45:27] /usr/bin/awk [ OK ]
[11:45:27] /usr/bin/basename [ OK ]
[11:45:27] /usr/bin/chattr [ OK ]
[11:45:28] /usr/bin/cut [ OK ]
[11:45:28] /usr/bin/diff [ OK ]
[11:45:28] /usr/bin/dirname [ OK ]
[11:45:28] /usr/bin/dpkg [ OK ]
[11:45:28] /usr/bin/dpkg-query [ OK ]
[11:45:28] /usr/bin/du [ OK ]
[11:45:28] /usr/bin/env [ OK ]
[11:45:28] /usr/bin/file [ OK ]
[11:45:28] /usr/bin/find [ OK ]
[11:45:28] /usr/bin/GET [ OK ]
[11:45:28] /usr/bin/groups [ OK ]
[11:45:28] /usr/bin/head [ OK ]
[11:45:29] /usr/bin/id [ OK ]
[11:45:29] /usr/bin/ipcs [ OK ]
[11:45:29] /usr/bin/killall [ OK ]
[11:45:29] /usr/bin/last [ OK ]
[11:45:29] /usr/bin/lastlog [ OK ]
[11:45:29] /usr/bin/ldd [ OK ]
[11:45:29] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
[11:45:29] /usr/bin/less [ OK ]
[11:45:29] /usr/bin/locate [ OK ]
[11:45:29] /usr/bin/logger [ OK ]
[11:45:29] /usr/bin/lsattr [ OK ]
[11:45:29] /usr/bin/lsof [ OK ]
[11:45:29] /usr/bin/mail [ OK ]
[11:45:30] /usr/bin/md5sum [ OK ]
[11:45:30] /usr/bin/mlocate [ OK ]
[11:45:30] /usr/bin/newgrp [ OK ]
[11:45:30] /usr/bin/passwd [ OK ]
[11:45:30] /usr/bin/perl [ OK ]
[11:45:30] /usr/bin/pgrep [ OK ]
[11:45:30] /usr/bin/pkill [ OK ]
[11:45:30] /usr/bin/pstree [ OK ]
[11:45:30] /usr/bin/rkhunter [ OK ]
[11:45:30] /usr/bin/rpm [ OK ]
[11:45:30] /usr/bin/runcon [ OK ]
[11:45:31] /usr/bin/sha1sum [ OK ]
[11:45:31] /usr/bin/sha224sum [ OK ]
[11:45:31] /usr/bin/sha256sum [ OK ]
[11:45:31] /usr/bin/sha384sum [ OK ]
[11:45:31] /usr/bin/sha512sum [ OK ]
[11:45:31] /usr/bin/size [ OK ]
[11:45:31] /usr/bin/sort [ OK ]
[11:45:31] /usr/bin/ssh [ OK ]
[11:45:31] /usr/bin/stat [ OK ]
[11:45:31] /usr/bin/strace [ OK ]
[11:45:31] /usr/bin/strings [ OK ]
[11:45:31] /usr/bin/sudo [ OK ]
[11:45:32] /usr/bin/tail [ OK ]
[11:45:32] /usr/bin/telnet [ OK ]
[11:45:32] /usr/bin/test [ OK ]
[11:45:32] /usr/bin/top [ OK ]
[11:45:32] /usr/bin/touch [ OK ]
[11:45:32] /usr/bin/tr [ OK ]
[11:45:32] /usr/bin/uniq [ OK ]
[11:45:32] /usr/bin/users [ OK ]
[11:45:32] /usr/bin/vmstat [ OK ]
[11:45:32] /usr/bin/w [ OK ]
[11:45:32] /usr/bin/watch [ OK ]
[11:45:32] /usr/bin/wc [ OK ]
[11:45:32] /usr/bin/wget [ OK ]
[11:45:33] /usr/bin/whatis [ OK ]
[11:45:33] /usr/bin/whereis [ OK ]
[11:45:33] /usr/bin/which [ OK ]
[11:45:33] /usr/bin/who [ OK ]
[11:45:33] /usr/bin/whoami [ OK ]
[11:45:33] /usr/bin/numfmt [ OK ]
[11:45:33] /usr/bin/gawk [ OK ]
[11:45:33] /usr/bin/lwp-request [ Warning ]
[11:45:33] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable
[11:45:33] /usr/bin/mail.mailutils [ OK ]
[11:45:33] /usr/bin/x86_64-linux-gnu-size [ OK ]
[11:45:33] /usr/bin/x86_64-linux-gnu-strings [ OK ]
[11:45:33] /usr/bin/telnet.netkit [ OK ]
[11:45:33] /usr/bin/w.procps [ OK ]
[11:45:34] /sbin/depmod [ OK ]
[11:45:34] /sbin/fsck [ OK ]
[11:45:34] /sbin/ifconfig [ OK ]
[11:45:34] /sbin/ifdown [ OK ]
[11:45:34] /sbin/ifup [ OK ]
[11:45:34] /sbin/init [ OK ]
[11:45:34] /sbin/insmod [ OK ]
[11:45:34] /sbin/ip [ OK ]
[11:45:35] /sbin/lsmod [ OK ]
[11:45:35] /sbin/modinfo [ OK ]
[11:45:35] /sbin/modprobe [ OK ]
[11:45:35] /sbin/rmmod [ OK ]
[11:45:35] /sbin/route [ OK ]
[11:45:35] /sbin/runlevel [ OK ]
[11:45:35] /sbin/sulogin [ OK ]
[11:45:36] /sbin/sysctl [ OK ]
[11:45:36] /bin/bash [ OK ]
[11:45:36] /bin/cat [ OK ]
[11:45:36] /bin/chmod [ OK ]
[11:45:36] /bin/chown [ OK ]
[11:45:36] /bin/cp [ OK ]
[11:45:36] /bin/date [ OK ]
[11:45:36] /bin/df [ OK ]
[11:45:37] /bin/dmesg [ OK ]
[11:45:37] /bin/echo [ OK ]
[11:45:37] /bin/ed [ OK ]
[11:45:37] /bin/egrep [ OK ]
[11:45:37] Info: Found file '/bin/egrep': it is whitelisted for the 'script replacement' check.
[11:45:37] /bin/fgrep [ OK ]
[11:45:37] Info: Found file '/bin/fgrep': it is whitelisted for the 'script replacement' check.
[11:45:37] /bin/fuser [ OK ]
[11:45:37] /bin/grep [ OK ]
[11:45:37] /bin/ip [ OK ]
[11:45:37] /bin/kill [ OK ]
[11:45:37] /bin/less [ OK ]
[11:45:38] /bin/login [ OK ]
[11:45:38] /bin/ls [ OK ]
[11:45:38] /bin/lsmod [ OK ]
[11:45:38] /bin/mktemp [ OK ]
[11:45:38] /bin/more [ OK ]
[11:45:38] /bin/mount [ OK ]
[11:45:38] /bin/mv [ OK ]
[11:45:38] /bin/netstat [ OK ]
[11:45:38] /bin/ping [ OK ]
[11:45:38] /bin/ps [ OK ]
[11:45:38] /bin/pwd [ OK ]
[11:45:39] /bin/readlink [ OK ]
[11:45:39] /bin/sed [ OK ]
[11:45:39] /bin/sh [ OK ]
[11:45:39] /bin/su [ OK ]
[11:45:39] /bin/touch [ OK ]
[11:45:39] /bin/uname [ OK ]
[11:45:39] /bin/which [ OK ]
[11:45:39] Info: Found file '/bin/which': it is whitelisted for the 'script replacement' check.
[11:45:40] /bin/kmod [ OK ]
[11:45:40] /bin/systemd [ OK ]
[11:45:40] /bin/systemctl [ OK ]
[11:45:40] /bin/dash [ OK ]
[11:45:44] /lib/systemd/systemd [ OK ]
[11:45:47]
[11:45:47] Info: Starting test name 'rootkits'
[11:45:47] Checking for rootkits...
[11:45:47]
[11:45:47] Info: Starting test name 'known_rkts'
[11:45:47] Performing check of known rootkit files and directories
[11:45:47]
[11:45:47] Checking for 55808 Trojan - Variant A...
[11:45:47] Checking for file '/tmp/.../r' [ Not found ]
[11:45:47] Checking for file '/tmp/.../a' [ Not found ]
[11:45:47] 55808 Trojan - Variant A [ Not found ]
[11:45:47]
[11:45:47] Checking for ADM Worm...
[11:45:47] Checking for string 'w0rm' [ Not found ]
[11:45:47] ADM Worm [ Not found ]
[11:45:47]
[11:45:47] Checking for AjaKit Rootkit...
[11:45:47] Checking for file '/dev/tux/.addr' [ Not found ]
[11:45:47] Checking for file '/dev/tux/.proc' [ Not found ]
[11:45:47] Checking for file '/dev/tux/.file' [ Not found ]
[11:45:47] Checking for file '/lib/.libgh-gh/cleaner' [ Not found ]
[11:45:47] Checking for file '/lib/.libgh-gh/Patch/patch' [ Not found ]
[11:45:47] Checking for file '/lib/.libgh-gh/sb0k' [ Not found ]
[11:45:47] Checking for directory '/dev/tux' [ Not found ]
[11:45:47] Checking for directory '/lib/.libgh-gh' [ Not found ]
[11:45:47] AjaKit Rootkit [ Not found ]
[11:45:47]
[11:45:47] Checking for Adore Rootkit...
[11:45:47] Checking for file '/usr/secure' [ Not found ]
[11:45:47] Checking for file '/usr/doc/sys/qrt' [ Not found ]
[11:45:47] Checking for file '/usr/doc/sys/run' [ Not found ]
[11:45:47] Checking for file '/usr/doc/sys/crond' [ Not found ]
[11:45:47] Checking for file '/usr/sbin/kfd' [ Not found ]
[11:45:47] Checking for file '/usr/doc/kern/var' [ Not found ]
[11:45:47] Checking for file '/usr/doc/kern/string.o' [ Not found ]
[11:45:47] Checking for file '/usr/doc/kern/ava' [ Not found ]
[11:45:47] Checking for file '/usr/doc/kern/adore.o' [ Not found ]
[11:45:47] Checking for file '/var/log/ssh/old' [ Not found ]
[11:45:47] Checking for directory '/lib/security/.config/ssh' [ Not found ]
[11:45:48] Checking for directory '/usr/doc/kern' [ Not found ]
[11:45:48] Checking for directory '/usr/doc/backup' [ Not found ]
[11:45:48] Checking for directory '/usr/doc/backup/txt' [ Not found ]
[11:45:48] Checking for directory '/lib/backup' [ Not found ]
[11:45:48] Checking for directory '/lib/backup/txt' [ Not found ]
[11:45:48] Checking for directory '/usr/doc/work' [ Not found ]
[11:45:48] Checking for directory '/usr/doc/sys' [ Not found ]
[11:45:48] Checking for directory '/var/log/ssh' [ Not found ]
[11:45:48] Checking for directory '/usr/doc/.spool' [ Not found ]
[11:45:48] Checking for directory '/usr/lib/kterm' [ Not found ]
[11:45:48] Adore Rootkit [ Not found ]
[11:45:48]
[11:45:48] Checking for aPa Kit...
[11:45:48] Checking for file '/usr/share/.aPa' [ Not found ]
[11:45:48] aPa Kit [ Not found ]
[11:45:48]
[11:45:48] Checking for Apache Worm...
[11:45:48] Checking for file '/bin/.log' [ Not found ]
[11:45:48] Apache Worm [ Not found ]
[11:45:48]
[11:45:48] Checking for Ambient (ark) Rootkit...
[11:45:48] Checking for file '/usr/lib/.ark?' [ Not found ]
[11:45:48] Checking for file '/dev/ptyxx/.log' [ Not found ]
[11:45:48] Checking for file '/dev/ptyxx/.file' [ Not found ]
[11:45:48] Checking for file '/dev/ptyxx/.proc' [ Not found ]
[11:45:48] Checking for file '/dev/ptyxx/.addr' [ Not found ]
[11:45:48] Checking for directory '/dev/ptyxx' [ Not found ]
[11:45:48] Ambient (ark) Rootkit [ Not found ]
[11:45:48]
[11:45:48] Checking for Balaur Rootkit...
[11:45:48] Checking for file '/usr/lib/liblog.o' [ Not found ]
[11:45:48] Checking for directory '/usr/lib/.kinetic' [ Not found ]
[11:45:48] Checking for directory '/usr/lib/.egcs' [ Not found ]
[11:45:48] Checking for directory '/usr/lib/.wormie' [ Not found ]
[11:45:48] Balaur Rootkit [ Not found ]
[11:45:48]
[11:45:48] Checking for BeastKit Rootkit...
[11:45:48] Checking for file '/usr/sbin/arobia' [ Not found ]
[11:45:48] Checking for file '/usr/sbin/idrun' [ Not found ]
[11:45:48] Checking for file '/usr/lib/elm/arobia/elm' [ Not found ]
[11:45:48] Checking for file '/usr/lib/elm/arobia/elm/hk' [ Not found ]
[11:45:48] Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ]
[11:45:48] Checking for file '/usr/lib/elm/arobia/elm/sc' [ Not found ]
[11:45:48] Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ]
[11:45:48] Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ]
[11:45:48] Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ]
[11:45:48] Checking for directory '/lib/ldd.so/bktools' [ Not found ]
[11:45:48] BeastKit Rootkit [ Not found ]
[11:45:48]
[11:45:48] Checking for beX2 Rootkit...
[11:45:48] Checking for file '/usr/info/termcap.info-5.gz' [ Not found ]
[11:45:48] Checking for file '/usr/bin/sshd2' [ Not found ]
[11:45:48] Checking for directory '/usr/include/bex' [ Not found ]
[11:45:48] beX2 Rootkit [ Not found ]
[11:45:48]
[11:45:48] Checking for BOBKit Rootkit...
[11:45:48] Checking for file '/usr/sbin/ntpsx' [ Not found ]
[11:45:48] Checking for file '/usr/sbin/.../bkit-ava' [ Not found ]
[11:45:48] Checking for file '/usr/sbin/.../bkit-d' [ Not found ]
[11:45:48] Checking for file '/usr/sbin/.../bkit-shd' [ Not found ]
[11:45:48] Checking for file '/usr/sbin/.../bkit-f' [ Not found ]
[11:45:48] Checking for file '/usr/include/.../proc.h' [ Not found ]
[11:45:48] Checking for file '/usr/include/.../.bash_history' [ Not found ]
[11:45:48] Checking for file '/usr/include/.../bkit-get' [ Not found ]
[11:45:48] Checking for file '/usr/include/.../bkit-dl' [ Not found ]
[11:45:49] Checking for file '/usr/include/.../bkit-screen' [ Not found ]
[11:45:49] Checking for file '/usr/include/.../bkit-sleep' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../bkit-adore.o' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../ls' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../netstat' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../lsof' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../bkit-ssh/bkit-mots' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../uconf.inv' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../psr' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../find' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../pstree' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../slocate' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../du' [ Not found ]
[11:45:49] Checking for file '/usr/lib/.../top' [ Not found ]
[11:45:49] Checking for directory '/usr/sbin/...' [ Not found ]
[11:45:49] Checking for directory '/usr/include/...' [ Not found ]
[11:45:49] Checking for directory '/usr/include/.../.tmp' [ Not found ]
[11:45:49] Checking for directory '/usr/lib/...' [ Not found ]
[11:45:49] Checking for directory '/usr/lib/.../.ssh' [ Not found ]
[11:45:49] Checking for directory '/usr/lib/.../bkit-ssh' [ Not found ]
[11:45:49] Checking for directory '/usr/lib/.bkit-' [ Not found ]
[11:45:49] Checking for directory '/tmp/.bkp' [ Not found ]
[11:45:49] BOBKit Rootkit [ Not found ]
[11:45:49]
[11:45:49] Checking for cb Rootkit...
[11:45:49] Checking for file '/dev/srd0' [ Not found ]
[11:45:49] Checking for file '/lib/libproc.so.2.0.6' [ Not found ]
[11:45:49] Checking for file '/dev/mounnt' [ Not found ]
[11:45:49] Checking for file '/etc/rc.d/init.d/init' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/cl' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/.x.tgz' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/statdx' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/wted' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/write' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/scan' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/sc' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/sl2' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/wroot' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/wscan' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/wu' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/v' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/read' [ Not found ]
[11:45:49] Checking for file '/usr/lib/sshrc' [ Not found ]
[11:45:49] Checking for file '/usr/lib/ssh_host_key' [ Not found ]
[11:45:49] Checking for file '/usr/lib/ssh_host_key.pub' [ Not found ]
[11:45:49] Checking for file '/usr/lib/ssh_random_seed' [ Not found ]
[11:45:49] Checking for file '/usr/lib/sshd_config' [ Not found ]
[11:45:49] Checking for file '/usr/lib/shosts.equiv' [ Not found ]
[11:45:49] Checking for file '/usr/lib/ssh_known_hosts' [ Not found ]
[11:45:49] Checking for file '/u/zappa/.ssh/pid' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.system/..<SP>/tcp.log' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/curatare/attrib' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/curatare/chattr' [ Not found ]
[11:45:49] Checking for file '/usr/bin/.zeen/..<SP>/curatare/ps' [ Not found ]
[11:45:50] Checking for file '/usr/bin/.zeen/..<SP>/curatare/pstree' [ Not found ]
[11:45:50] Checking for file '/usr/bin/.system/..<SP>/.x/xC.o' [ Not found ]
[11:45:50] Checking for directory '/usr/bin/.zeen' [ Not found ]
[11:45:50] Checking for directory '/usr/bin/.zeen/..<SP>/curatare' [ Not found ]
[11:45:50] Checking for directory '/usr/bin/.zeen/..<SP>/scan' [ Not found ]
[11:45:50] Checking for directory '/usr/bin/.system/..<SP>' [ Not found ]
[11:45:50] cb Rootkit [ Not found ]
[11:45:50]
[11:45:50] Checking for CiNIK Worm (Slapper.B variant)...
[11:45:50] Checking for file '/tmp/.cinik' [ Not found ]
[11:45:50] Checking for directory '/tmp/.font-unix/.cinik' [ Not found ]
[11:45:50] CiNIK Worm (Slapper.B variant) [ Not found ]
[11:45:50]
[11:45:50] Checking for Danny-Boy's Abuse Kit...
[11:45:50] Checking for file '/dev/mdev' [ Not found ]
[11:45:50] Checking for file '/usr/lib/libX.a' [ Not found ]
[11:45:50] Danny-Boy's Abuse Kit [ Not found ]
[11:45:50]
[11:45:50] Checking for Devil RootKit...
[11:45:50] Checking for file '/var/lib/games/.src' [ Not found ]
[11:45:50] Checking for file '/dev/dsx' [ Not found ]
[11:45:50] Checking for file '/dev/caca' [ Not found ]
[11:45:50] Checking for file '/dev/pro' [ Not found ]
[11:45:50] Checking for file '/bin/bye' [ Not found ]
[11:45:50] Checking for file '/bin/homedir' [ Not found ]
[11:45:50] Checking for file '/usr/bin/xfss' [ Not found ]
[11:45:50] Checking for file '/usr/sbin/tzava' [ Not found ]
I'm going to post the end. I'm leaving out a lot of parts, but I'm posting the most notable ones. I could have posted it all in parts, but what a mess I'm in as it is. You could allow more characters per post in the forum, because I would have really liked to post the complete logs, and I'm confusing myself.
I'll continue in the next post with the end of the analysis with rkhunter fixed. As you can see, here it flags fewer warnings, but it still flags some, and precisely the ones it flags are the ones giving me problems.
I'll continue.
Hason:
Quote
[11:46:06]
[11:46:06] Info: Starting test name 'additional_rkts'
[11:46:06] Performing additional rootkit checks
[11:46:06]
[11:46:06] Performing Suckit Rootkit additional checks
[11:46:06] Checking hard link count on '/sbin/init' [ OK ]
[11:46:06] Checking for hidden file extensions [ None found ]
[11:46:06] Running skdet command [ Skipped ]
[11:46:06] Info: Unable to find the 'skdet' command
[11:46:06] Suckit Rootkit additional checks [ OK ]
[11:46:06]
[11:46:06] Info: Starting test name 'possible_rkt_files'
[11:46:06] Performing check of possible rootkit files and directories
[11:46:11] Checking for possible rootkit files and directories [ None found ]
[11:46:11]
[11:46:11] Info: Starting test name 'possible_rkt_strings'
[11:46:11] Performing check for possible rootkit strings
[11:46:11] Info: Using system startup paths: /etc/init.d /etc/systemd/system
[11:46:21] Checking for possible rootkit strings [ None found ]
[11:46:21]
[11:46:21] Info: Starting test name 'malware'
[11:46:21] Performing malware checks
[11:46:21]
[11:46:21] Info: Test 'deleted_files' disabled at users request.
[11:46:21]
[11:46:21] Info: Starting test name 'running_procs'
[11:46:26] Checking running processes for suspicious files [ None found ]
[11:46:26]
[11:46:26] Info: Test 'hidden_procs' disabled at users request.
[11:46:26]
[11:46:26] Info: Test 'suspscan' disabled at users request.
[11:46:26]
[11:46:26] Info: Starting test name 'login_backdoors'
[11:46:26] Checking for '/bin/.login' [ Not found ]
[11:46:26] Checking for '/sbin/.login' [ Not found ]
[11:46:26] Checking for login backdoors [ None found ]
[11:46:26]
[11:46:26] Info: Starting test name 'sniffer_logs'
[11:46:26] Checking for file '/usr/lib/libice.log' [ Not found ]
[11:46:26] Checking for file '/dev/prom/sn.l' [ Not found ]
[11:46:26] Checking for file '/dev/fd/.88/zxsniff.log' [ Not found ]
[11:46:26] Checking for sniffer log files [ None found ]
[11:46:26]
[11:46:26] Info: Starting test name 'tripwire'
[11:46:26] Checking for software intrusions [ Skipped ]
[11:46:26] Info: Check skipped - tripwire not installed
[11:46:26]
[11:46:26] Info: Starting test name 'susp_dirs'
[11:46:26] Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ]
[11:46:26] Checking for directory '/dev/rd/cdb' [ Not found ]
[11:46:26] Checking for suspicious directories [ None found ]
[11:46:26]
[11:46:26] Info: Starting test name 'ipc_shared_mem'
[11:46:26] Info: The minimum shared memory segment size to be checked (in bytes): 1048576 (1,0MB)
[11:46:27] Checking for suspicious (large) shared memory segments [ Warning ]
[11:46:27] Warning: The following suspicious (large) shared memory segments have been found:
[11:46:27] Process: /usr/bin/mate-panel PID: 11695 Owner: caine Size: 64MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/bin/caja PID: 11803 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/bin/caja PID: 11803 Owner: caine Size: 64MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/bin/marco PID: 11688 Owner: caine Size: 2,0MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/bin/mate-terminal PID: 16249 Owner: root Size: 4,0MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/bin/gnome-disks PID: 24461 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/bin/mate-terminal PID: 16524 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB)
[11:46:27] Process: /usr/bin/caja PID: 23540 Owner: root Size: 8,0MB (configured size allowed: 1,0MB)
[11:46:27]
[11:46:27] Info: Starting test name 'trojans'
[11:46:27] Performing trojan specific checks
[11:46:27] Checking for enabled inetd services [ Skipped ]
[11:46:27] Info: Check skipped - file '/etc/inetd.conf' does not exist.
[11:46:27] Checking for enabled xinetd services [ Skipped ]
[11:46:27] Info: Check skipped - file '/etc/xinetd.conf' does not exist.
[11:46:27] Checking for Apache backdoor [ Skipped ]
[11:46:27] Info: Check skipped - no Apache module or configuration directories found.
[11:46:27]
[11:46:27] Info: Starting test name 'os_specific'
[11:46:27] Performing Linux specific checks
[11:46:27] Checking loaded kernel modules [ OK ]
[11:46:27] Info: Using modules pathname of '/lib/modules/5.0.0-32-generic'
[11:46:27] Checking kernel module names [ OK ]
[11:46:32]
[11:46:32] Info: Starting test name 'network'
[11:46:32] Checking the network...
[11:46:32]
[11:46:32] Performing checks on the network ports
[11:46:32] Info: Starting test name 'ports'
[11:46:32] Performing check for backdoor ports
[11:46:34] Checking for backdoor ports [ None found ]
[11:46:34]
[11:46:34] Info: Test 'hidden_ports' disabled at users request.
[11:46:34]
[11:46:34] Performing checks on the network interfaces
[11:46:34] Info: Starting test name 'promisc'
[11:46:34] Checking for promiscuous interfaces [ None found ]
[11:46:34]
[11:46:34] Info: Test 'packet_cap_apps' disabled at users request.
[11:46:34]
[11:46:34] Info: Starting test name 'local_host'
[11:46:34] Checking the local host...
[11:46:34]
[11:46:34] Info: Starting test name 'startup_files'
[11:46:34] Performing system boot checks
[11:46:34] Checking for local host name [ Found ]
[11:46:34]
[11:46:34] Info: Starting test name 'startup_malware'
[11:46:34] Checking for system startup files [ Found ]
[11:46:36] Checking system startup files for malware [ None found ]
[11:46:36]
[11:46:36] Info: Starting test name 'group_accounts'
[11:46:36] Performing group and account checks
[11:46:36] Checking for passwd file [ Found ]
[11:46:36] Info: Found password file: /etc/passwd
[11:46:36] Checking for root equivalent (UID 0) accounts [ None found ]
[11:46:36] Info: Found shadow file: /etc/shadow
[11:46:36] Checking for passwordless accounts [ Warning ]
[11:46:36] Warning: Found passwordless account in shadow file: caine
[11:46:36]
[11:46:36] Info: Starting test name 'passwd_changes'
[11:46:36] Checking for passwd file changes [ None found ]
[11:46:36]
[11:46:36] Info: Starting test name 'group_changes'
[11:46:36] Checking for group file changes [ None found ]
[11:46:36] Checking root account shell history files [ OK ]
[11:46:36]
[11:46:36] Info: Starting test name 'system_configs'
[11:46:36] Performing system configuration file checks
[11:46:36]
[11:46:36] Info: Starting test name 'system_configs_ssh'
[11:46:36] Checking for an SSH configuration file [ Found ]
[11:46:36] Info: Found an SSH configuration file: /etc/ssh/sshd_config
[11:46:36] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
[11:46:36] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'.
[11:46:36] Checking if SSH root access is allowed [ Warning ]
[11:46:36] Warning: The SSH configuration option 'PermitRootLogin' has not been set.
The default value may be 'yes', to allow root access.
[11:46:36] Checking if SSH protocol v1 is allowed [ Not set ]
[11:46:36] Checking for other suspicious configuration settings [ None found ]
[11:46:36]
[11:46:36] Info: Starting test name 'system_configs_syslog'
[11:46:36] Checking for a running system logging daemon [ Found ]
[11:46:36] Info: A running 'rsyslog' daemon has been found.
[11:46:36] Info: A running 'systemd-journald' daemon has been found.
[11:46:36] Info: Found an rsyslog configuration file: /etc/rsyslog.conf
[11:46:36] Info: Found a systemd configuration file: /etc/systemd/journald.conf
[11:46:37] Checking for a system logging configuration file [ Found ]
[11:46:37] Checking if syslog remote logging is allowed [ Not allowed ]
[11:46:37]
[11:46:37] Info: Starting test name 'filesystem'
[11:46:37] Performing filesystem checks
[11:46:37] Info: SCAN_MODE_DEV set to 'THOROUGH'
[11:46:38] Checking /dev for suspicious file types [ None found ]
[11:46:39] Checking for hidden files and directories [ Warning ]
[11:46:39] Warning: Hidden directory found: /etc/.java
[11:46:39] Checking for missing log files [ Skipped ]
[11:46:39] Info: No missing log file names configured.
[11:46:39] Checking for empty log files [ Skipped ]
[11:46:39] Info: No empty log file names configured.
[11:47:18]
[11:47:18] Info: Test 'apps' disabled at users request.
[11:47:18]
[11:47:18] System checks summary
[11:47:18] =====================
[11:47:18]
[11:47:18] File properties checks...
[11:47:18] Required commands check failed
[11:47:18] Files checked: 152
[11:47:18] Suspect files: 1
[11:47:18]
[11:47:18] Rootkit checks...
[11:47:18] Rootkits checked : 500
[11:47:18] Possible rootkits: 12
[11:47:18]
[11:47:18] Applications checks...
[11:47:18] All checks skipped
[11:47:18]
[11:47:18] The system checks took: 1 minute and 59 seconds
[11:47:18]
[11:47:18] Info: End date is gio 23 giu 2022, 11.47.18, CEST
Well, there you have it. Now I'll write another post to explain.