rkhunter

a guest
Feb 8th, 2011
[ Rootkit Hunter version 1.3.8 ]

Checking system commands...

Performing 'strings' command checks
Checking 'strings' command [ OK ]

Performing 'shared libraries' checks
Checking for preloading variables [ None found ]
Checking for preloaded libraries [ None found ]
Checking LD_LIBRARY_PATH variable [ Not found ]

Performing file properties checks
Checking for prerequisites [ Warning ]
/usr/local/bin/rkhunter [ OK ]
/usr/sbin/adduser [ Warning ]
/usr/sbin/chroot [ OK ]
/usr/sbin/cron [ OK ]
/usr/sbin/groupadd [ OK ]
/usr/sbin/groupdel [ OK ]
/usr/sbin/groupmod [ OK ]
/usr/sbin/grpck [ OK ]
/usr/sbin/nologin [ OK ]
/usr/sbin/pwck [ OK ]
/usr/sbin/tcpd [ OK ]
/usr/sbin/useradd [ OK ]
/usr/sbin/userdel [ OK ]
/usr/sbin/usermod [ OK ]
/usr/sbin/vipw [ OK ]
/usr/sbin/xinetd [ OK ]
/usr/bin/awk [ OK ]
/usr/bin/basename [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/curl [ OK ]
/usr/bin/cut [ OK ]
/usr/bin/diff [ OK ]
/usr/bin/dirname [ OK ]
/usr/bin/dpkg [ OK ]
/usr/bin/dpkg-query [ OK ]
/usr/bin/du [ OK ]
/usr/bin/env [ OK ]
/usr/bin/file [ OK ]
/usr/bin/find [ Warning ]
/usr/bin/GET [ OK ]
/usr/bin/groups [ Warning ]
/usr/bin/head [ OK ]
/usr/bin/id [ OK ]
/usr/bin/killall [ OK ]
/usr/bin/last [ OK ]
/usr/bin/lastlog [ OK ]
/usr/bin/ldd [ Warning ]
/usr/bin/less [ OK ]
/usr/bin/locate [ OK ]
/usr/bin/logger [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/lsof [ OK ]
/usr/bin/lynx [ OK ]
/usr/bin/mail [ OK ]
/usr/bin/md5sum [ Warning ]
/usr/bin/newgrp [ OK ]
/usr/bin/passwd [ OK ]
/usr/bin/perl [ OK ]
/usr/bin/pgrep [ OK ]
/usr/bin/pstree [ Warning ]
/usr/bin/runcon [ OK ]
/usr/bin/sha1sum [ OK ]
/usr/bin/sha224sum [ OK ]
/usr/bin/sha256sum [ OK ]
/usr/bin/sha384sum [ OK ]
/usr/bin/sha512sum [ OK ]
/usr/bin/size [ OK ]
/usr/bin/slocate [ Warning ]
/usr/bin/sort [ OK ]
/usr/bin/stat [ OK ]
/usr/bin/strings [ OK ]
/usr/bin/sudo [ OK ]
/usr/bin/tail [ OK ]
/usr/bin/test [ OK ]
/usr/bin/top [ Warning ]
/usr/bin/touch [ OK ]
/usr/bin/tr [ OK ]
/usr/bin/uniq [ OK ]
/usr/bin/users [ OK ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ OK ]
/usr/bin/wget [ OK ]
/usr/bin/whatis [ OK ]
/usr/bin/whereis [ OK ]
/usr/bin/which [ OK ]
/usr/bin/who [ OK ]
/usr/bin/whoami [ OK ]
/usr/bin/gawk [ OK ]
/usr/bin/lwp-request [ Warning ]
/usr/bin/lynx.stable [ OK ]
/usr/bin/bsd-mailx [ OK ]
/usr/bin/w.procps [ OK ]
/usr/bin/tcsh [ OK ]
/sbin/depmod [ OK ]
/sbin/fsck [ OK ]
/sbin/ifconfig [ Warning ]
/sbin/ifdown [ OK ]
/sbin/ifup [ OK ]
/sbin/init [ OK ]
/sbin/insmod [ OK ]
/sbin/ip [ OK ]
/sbin/lsmod [ OK ]
/sbin/modinfo [ OK ]
/sbin/modprobe [ OK ]
/sbin/rmmod [ OK ]
/sbin/route [ OK ]
/sbin/runlevel [ OK ]
/sbin/sulogin [ OK ]
/sbin/sysctl [ OK ]
/sbin/syslogd [ OK ]
/bin/bash [ OK ]
/bin/cat [ OK ]
/bin/chmod [ OK ]
/bin/chown [ OK ]
/bin/cp [ OK ]
/bin/csh [ OK ]
/bin/date [ OK ]
/bin/df [ OK ]
/bin/dmesg [ OK ]
/bin/echo [ OK ]
/bin/ed [ OK ]
/bin/egrep [ OK ]
/bin/fgrep [ OK ]
/bin/fuser [ OK ]
/bin/grep [ OK ]
/bin/ip [ OK ]
/bin/kill [ OK ]
/bin/login [ OK ]
/bin/ls [ Warning ]
/bin/lsmod [ OK ]
/bin/mktemp [ OK ]
/bin/more [ OK ]
/bin/mount [ OK ]
/bin/mv [ OK ]
/bin/netstat [ Warning ]
/bin/ps [ Warning ]
/bin/pwd [ OK ]
/bin/readlink [ OK ]
/bin/sed [ OK ]
/bin/sh [ OK ]
/bin/su [ OK ]
/bin/touch [ OK ]
/bin/uname [ OK ]
/bin/which [ Warning ]
/bin/tcsh [ OK ]
/bin/dash [ OK ]
/etc/rkhunter.conf [ OK ]

[Press <ENTER> to continue]


Checking for rootkits...

Performing check of known rootkit files and directories
55808 Trojan - Variant A [ Not found ]
ADM Worm [ Not found ]
AjaKit Rootkit [ Not found ]
Adore Rootkit [ Not found ]
aPa Kit [ Not found ]
Apache Worm [ Not found ]
Ambient (ark) Rootkit [ Not found ]
Balaur Rootkit [ Not found ]
BeastKit Rootkit [ Not found ]
beX2 Rootkit [ Not found ]
BOBKit Rootkit [ Not found ]
cb Rootkit [ Warning ]
CiNIK Worm (Slapper.B variant) [ Not found ]
Danny-Boy's Abuse Kit [ Not found ]
Devil RootKit [ Not found ]
Dica-Kit Rootkit [ Not found ]
Dreams Rootkit [ Not found ]
Duarawkz Rootkit [ Not found ]
Enye LKM [ Not found ]
Flea Linux Rootkit [ Not found ]
FreeBSD Rootkit [ Not found ]
Fu Rootkit [ Not found ]
Fuck`it Rootkit [ Not found ]
GasKit Rootkit [ Not found ]
Heroin LKM [ Not found ]
HjC Kit [ Not found ]
ignoKit Rootkit [ Not found ]
iLLogiC Rootkit [ Not found ]
IntoXonia-NG Rootkit [ Not found ]
Irix Rootkit [ Not found ]
Kitko Rootkit [ Not found ]
Knark Rootkit [ Not found ]
ld-linuxv.so Rootkit [ Not found ]
Li0n Worm [ Not found ]
Lockit / LJK2 Rootkit [ Not found ]
Mood-NT Rootkit [ Not found ]
MRK Rootkit [ Not found ]
Ni0 Rootkit [ Not found ]
Ohhara Rootkit [ Not found ]
Optic Kit (Tux) Worm [ Not found ]
Oz Rootkit [ Not found ]
Phalanx Rootkit [ Not found ]
Phalanx2 Rootkit [ Not found ]
Phalanx2 Rootkit (extended tests) [ Not found ]
Portacelo Rootkit [ Not found ]
R3dstorm Toolkit [ Not found ]
RH-Sharpe's Rootkit [ Not found ]
RSHA's Rootkit [ Not found ]
Scalper Worm [ Not found ]
Sebek LKM [ Not found ]
Shutdown Rootkit [ Not found ]
SHV4 Rootkit [ Warning ]
SHV5 Rootkit [ Warning ]
Sin Rootkit [ Not found ]
Slapper Worm [ Not found ]
Sneakin Rootkit [ Not found ]
'Spanish' Rootkit [ Not found ]
Suckit Rootkit [ Not found ]
SunOS Rootkit [ Not found ]
SunOS / NSDAP Rootkit [ Not found ]
Superkit Rootkit [ Not found ]
TBD (Telnet BackDoor) [ Not found ]
TeLeKiT Rootkit [ Not found ]
T0rn Rootkit [ Not found ]
trNkit Rootkit [ Not found ]
Trojanit Kit [ Not found ]
Tuxtendo Rootkit [ Not found ]
URK Rootkit [ Not found ]
Vampire Rootkit [ Not found ]
VcKit Rootkit [ Not found ]
Volc Rootkit [ Not found ]
Xzibit Rootkit [ Not found ]
X-Org SunOS Rootkit [ Not found ]
zaRwT.KiT Rootkit [ Not found ]
ZK Rootkit [ Not found ]

Performing additional rootkit checks
Suckit Rookit additional checks [ OK ]
Checking for possible rootkit files and directories [ None found ]
Checking for possible rootkit strings [ Warning ]

Performing malware checks
Checking running processes for suspicious files [ None found ]
Checking for login backdoors [ None found ]
Checking for suspicious directories [ None found ]
Checking for sniffer log files [ None found ]
Performing trojan specific checks
Checking for enabled inetd services [ OK ]
Checking for enabled xinetd services [ None found ]
Checking for Apache backdoor [ Not found ]

Performing Linux specific checks
Checking loaded kernel modules [ Warning ]
Checking kernel module names [ OK ]

[Press <ENTER> to continue]

Checking the network...

Performing checks on the network ports
Checking for backdoor ports [ Warning ]

Performing checks on the network interfaces
Checking for promiscuous interfaces [ None found ]

Checking the local host...

Performing system boot checks
Checking for local host name [ Found ]
Checking for system startup files [ Found ]
Checking system startup files for malware [ None found ]

Performing group and account checks
Checking for passwd file [ Found ]
Checking for root equivalent (UID 0) accounts [ Warning ]
Checking for passwordless accounts [ None found ]
Checking for passwd file changes [ None found ]
Checking for group file changes [ None found ]
Checking root account shell history files [ OK ]

Performing system configuration file checks
Checking for SSH configuration file [ Found ]
Checking if SSH root access is allowed [ Warning ]
Checking if SSH protocol v1 is allowed [ Not allowed ]
Unknown HZ value! (380) Assume 100.
Internal error!
Internal error!
Checking for running syslog daemon [ Found ]
Checking for syslog configuration file [ Found ]
Checking if syslog remote logging is allowed [ Not allowed ]

Performing filesystem checks
Checking /dev for suspicious file types [ None found ]
Checking for hidden files and directories [ Warning ]

[Press <ENTER> to continue]

Checking application versions...

Checking version of Exim MTA [ Warning ]
Checking version of GnuPG [ Warning ]
Checking version of Bind DNS [ OK ]
Checking version of OpenSSL [ Warning ]
Checking version of PHP [ Warning ]
Checking version of Procmail MTA [ OK ]
Checking version of OpenSSH [ Warning ]


System checks summary
=====================

File properties checks...
Required commands check failed
Files checked: 139
Suspect files: 14

Rootkit checks...
Rootkits checked : 254
Possible rootkits: 3
Rootkit names : cb Rootkit, SHV4 Rootkit, SHV5 Rootkit

Applications checks...
Applications checked: 7
Suspect applications: 5

The system checks took: 2 minutes and 7 seconds

All results have been written to the log file (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)