Kimarite

rkhunter (for example)

Oct 4th, 2011
im@im:~$ sudo rkhunter --update
[sudo] password for im:
sudo: rkhunter: command not found
im@im:~$ sudo apt-get install rkhunter
Csomaglisták olvasása... Kész
Függőségi fa építése
Állapot adatok olvasása... Kész
Az alábbi csomagok automatikusan települtek, de már nem kellenek:
mono-2.0-gac
Töröld az 'apt-get autoremove' paranccsal!
Az alábbi extra csomagok kerülnek telepítésre:
unhide
Javasolt csomagok:
tripwire
Az alábbi ÚJ csomagok lesznek telepítve:
rkhunter unhide
0 frissített, 2 újonnan telepített, 0 eltávolítandó és 1 nem frissített.
Letöltés az archívumokból: 981kB
E művelet után további 2.564kB lemez-területetet használok fel.
Folytatni akarod [Y/n]? Y
Letöltés:1 http://hu.archive.ubuntu.com/ubuntu/ lucid/universe rkhunter 1.3.6-3ubuntu1 [223kB]
Letöltés:2 http://hu.archive.ubuntu.com/ubuntu/ lucid/universe unhide 20080519-6 [758kB]
Letöltve 981kB 9mp alatt (102kB/s)
Csomagok előkonfigurálása ...
Új csomag kiválasztása: rkhunter.
(Adatbázis olvasása ... Most 317185 fájl és könyvtár telepített.)
Kicsomagolás: rkhunter innen: .../rkhunter_1.3.6-3ubuntu1_all.deb ...
Új csomag kiválasztása: unhide.
Kicsomagolás: unhide innen: .../unhide_20080519-6_i386.deb ...
man-db triggereinek feldolgozása…
Beállítás: rkhunter (1.3.6-3ubuntu1) ...
[ Rootkit Hunter version 1.3.6 ]
File created: searched for 162 files, found 134

Beállítás: unhide (20080519-6) ...

im@im:~$ sudo rkhunter --update
[ Rootkit Hunter version 1.3.6 ]

Checking rkhunter data files...
Checking file mirrors.dat [ No update ]
Checking file programs_bad.dat [ Updated ]
Checking file backdoorports.dat [ Updated ]
Checking file suspscan.dat [ No update ]
Checking file i18n/cn [ No update ]
Checking file i18n/de [ No update ]
Checking file i18n/en [ No update ]
Checking file i18n/zh [ No update ]
Checking file i18n/zh.utf8 [ No update ]
im@im:~$ rkhunter -c
You must be the root user to run this program.
im@im:~$ sudo rkhunter -c
[ Rootkit Hunter version 1.3.6 ]

Checking system commands...

Performing 'strings' command checks
Checking 'strings' command [ OK ]

Performing 'shared libraries' checks
Checking for preloading variables [ None found ]
Checking for preloaded libraries [ None found ]
Checking LD_LIBRARY_PATH variable [ Not found ]

Performing file properties checks
Checking for prerequisites [ OK ]
/bin/bash [ OK ]
/bin/cat [ OK ]
/bin/chmod [ OK ]
/bin/chown [ OK ]
/bin/cp [ OK ]
/bin/date [ OK ]
/bin/df [ OK ]
/bin/dmesg [ OK ]
/bin/echo [ OK ]
/bin/ed [ OK ]
/bin/egrep [ OK ]
/bin/fgrep [ OK ]
/bin/fuser [ OK ]
/bin/grep [ OK ]
/bin/ip [ OK ]
/bin/kill [ OK ]
/bin/less [ OK ]
/bin/login [ OK ]
/bin/ls [ OK ]
/bin/lsmod [ OK ]
/bin/mktemp [ OK ]
/bin/more [ OK ]
/bin/mount [ OK ]
/bin/mv [ OK ]
/bin/netstat [ OK ]
/bin/ps [ OK ]
/bin/pwd [ OK ]
/bin/readlink [ OK ]
/bin/sed [ OK ]
/bin/sh [ OK ]
/bin/su [ OK ]
/bin/touch [ OK ]
/bin/uname [ OK ]
/bin/which [ OK ]
/bin/dash [ OK ]
/usr/bin/awk [ OK ]
/usr/bin/basename [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/curl [ OK ]
/usr/bin/cut [ OK ]
/usr/bin/diff [ OK ]
/usr/bin/dirname [ OK ]
/usr/bin/dpkg [ OK ]
/usr/bin/dpkg-query [ OK ]
/usr/bin/du [ OK ]
/usr/bin/env [ OK ]
/usr/bin/file [ OK ]
/usr/bin/find [ OK ]
/usr/bin/GET [ OK ]
/usr/bin/groups [ OK ]
/usr/bin/head [ OK ]
/usr/bin/id [ OK ]
/usr/bin/killall [ OK ]
/usr/bin/last [ OK ]
/usr/bin/lastlog [ OK ]
/usr/bin/ldd [ OK ]
/usr/bin/less [ OK ]
/usr/bin/locate [ OK ]
/usr/bin/logger [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/lsof [ OK ]
/usr/bin/mail [ OK ]
/usr/bin/md5sum [ OK ]
/usr/bin/mlocate [ OK ]
/usr/bin/newgrp [ OK ]
/usr/bin/passwd [ OK ]
/usr/bin/perl [ OK ]
/usr/bin/pgrep [ OK ]
/usr/bin/pstree [ OK ]
/usr/bin/rkhunter [ OK ]
/usr/bin/rpm [ OK ]
/usr/bin/runcon [ OK ]
/usr/bin/sha1sum [ OK ]
/usr/bin/sha224sum [ OK ]
/usr/bin/sha256sum [ OK ]
/usr/bin/sha384sum [ OK ]
/usr/bin/sha512sum [ OK ]
/usr/bin/size [ OK ]
/usr/bin/sort [ OK ]
/usr/bin/stat [ OK ]
/usr/bin/strace [ OK ]
/usr/bin/strings [ OK ]
/usr/bin/sudo [ OK ]
/usr/bin/tail [ OK ]
/usr/bin/test [ OK ]
/usr/bin/top [ OK ]
/usr/bin/touch [ OK ]
/usr/bin/tr [ OK ]
/usr/bin/uniq [ OK ]
/usr/bin/users [ OK ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ OK ]
/usr/bin/wget [ OK ]
/usr/bin/whatis [ OK ]
/usr/bin/whereis [ OK ]
/usr/bin/which [ OK ]
/usr/bin/who [ OK ]
/usr/bin/whoami [ OK ]
/usr/bin/gawk [ OK ]
/usr/bin/lwp-request [ OK ]
/usr/bin/bsd-mailx [ OK ]
/usr/bin/w.procps [ OK ]
/sbin/depmod [ OK ]
/sbin/ifconfig [ OK ]
/sbin/ifdown [ OK ]
/sbin/ifup [ OK ]
/sbin/init [ OK ]
/sbin/insmod [ OK ]
/sbin/ip [ OK ]
/sbin/lsmod [ OK ]
/sbin/modinfo [ OK ]
/sbin/modprobe [ OK ]
/sbin/rmmod [ OK ]
/sbin/runlevel [ OK ]
/sbin/sulogin [ OK ]
/sbin/sysctl [ OK ]
/usr/sbin/adduser [ OK ]
/usr/sbin/chroot [ OK ]
/usr/sbin/cron [ OK ]
/usr/sbin/groupadd [ OK ]
/usr/sbin/groupdel [ OK ]
/usr/sbin/groupmod [ OK ]
/usr/sbin/grpck [ OK ]
/usr/sbin/nologin [ OK ]
/usr/sbin/pwck [ OK ]
/usr/sbin/rsyslogd [ OK ]
/usr/sbin/tcpd [ OK ]
/usr/sbin/useradd [ OK ]
/usr/sbin/userdel [ OK ]
/usr/sbin/usermod [ OK ]
/usr/sbin/vipw [ OK ]
/usr/sbin/unhide-linux26 [ OK ]

[Press <ENTER> to continue]


Checking for rootkits...

Performing check of known rootkit files and directories
55808 Trojan - Variant A [ Not found ]
ADM Worm [ Not found ]
AjaKit Rootkit [ Not found ]
Adore Rootkit [ Not found ]
aPa Kit [ Not found ]
Apache Worm [ Not found ]
Ambient (ark) Rootkit [ Not found ]
Balaur Rootkit [ Not found ]
BeastKit Rootkit [ Not found ]
beX2 Rootkit [ Not found ]
BOBKit Rootkit [ Not found ]
cb Rootkit [ Not found ]
CiNIK Worm (Slapper.B variant) [ Not found ]
Danny-Boy's Abuse Kit [ Not found ]
Devil RootKit [ Not found ]
Dica-Kit Rootkit [ Not found ]
Dreams Rootkit [ Not found ]
Duarawkz Rootkit [ Not found ]
Enye LKM [ Not found ]
Flea Linux Rootkit [ Not found ]
FreeBSD Rootkit [ Not found ]
Fu Rootkit [ Not found ]
Fuck`it Rootkit [ Not found ]
GasKit Rootkit [ Not found ]
Heroin LKM [ Not found ]
HjC Kit [ Not found ]
ignoKit Rootkit [ Not found ]
iLLogiC Rootkit [ Not found ]
IntoXonia-NG Rootkit [ Not found ]
Irix Rootkit [ Not found ]
Kitko Rootkit [ Not found ]
Knark Rootkit [ Not found ]
ld-linuxv.so Rootkit [ Not found ]
Li0n Worm [ Not found ]
Lockit / LJK2 Rootkit [ Not found ]
Mood-NT Rootkit [ Not found ]
MRK Rootkit [ Not found ]
Ni0 Rootkit [ Not found ]
Ohhara Rootkit [ Not found ]
Optic Kit (Tux) Worm [ Not found ]
Oz Rootkit [ Not found ]
Phalanx Rootkit [ Not found ]
Phalanx2 Rootkit [ Not found ]
Phalanx2 Rootkit (extended tests) [ Not found ]
Portacelo Rootkit [ Not found ]
R3dstorm Toolkit [ Not found ]
RH-Sharpe's Rootkit [ Not found ]
RSHA's Rootkit [ Not found ]
Scalper Worm [ Not found ]
Sebek LKM [ Not found ]
Shutdown Rootkit [ Not found ]
SHV4 Rootkit [ Not found ]
SHV5 Rootkit [ Not found ]
Sin Rootkit [ Not found ]
Slapper Worm [ Not found ]
Sneakin Rootkit [ Not found ]
'Spanish' Rootkit [ Not found ]
Suckit Rootkit [ Not found ]
SunOS Rootkit [ Not found ]
SunOS / NSDAP Rootkit [ Not found ]
Superkit Rootkit [ Not found ]
TBD (Telnet BackDoor) [ Not found ]
TeLeKiT Rootkit [ Not found ]
T0rn Rootkit [ Not found ]
trNkit Rootkit [ Not found ]
Trojanit Kit [ Not found ]
Tuxtendo Rootkit [ Not found ]
URK Rootkit [ Not found ]
Vampire Rootkit [ Not found ]
VcKit Rootkit [ Not found ]
Volc Rootkit [ Not found ]
Xzibit Rootkit [ Not found ]
X-Org SunOS Rootkit [ Not found ]
zaRwT.KiT Rootkit [ Not found ]
ZK Rootkit [ Not found ]

Performing additional rootkit checks
Suckit Rookit additional checks [ OK ]
Checking for possible rootkit files and directories [ None found ]
Checking for possible rootkit strings [ None found ]

Performing malware checks
Checking running processes for suspicious files [ None found ]
Checking for login backdoors [ None found ]
Checking for suspicious directories [ None found ]
Checking for sniffer log files [ None found ]

Performing trojan specific checks
Checking for enabled inetd services [ OK ]

Performing Linux specific checks
Checking loaded kernel modules [ OK ]
Checking kernel module names [ OK ]

[Press <ENTER> to continue]


Checking the network...

Performing check for backdoor ports
Checking for TCP port 1524 [ Not found ]
Checking for TCP port 1984 [ Not found ]
Checking for UDP port 2001 [ Not found ]
Checking for TCP port 2006 [ Not found ]
Checking for TCP port 2128 [ Not found ]
Checking for TCP port 6666 [ Not found ]
Checking for TCP port 6667 [ Not found ]
Checking for TCP port 6668 [ Not found ]
Checking for TCP port 6669 [ Not found ]
Checking for TCP port 7000 [ Not found ]
Checking for TCP port 13000 [ Not found ]
Checking for TCP port 14856 [ Not found ]
Checking for TCP port 25000 [ Not found ]
Checking for TCP port 29812 [ Not found ]
Checking for TCP port 31337 [ Not found ]
Checking for TCP port 32982 [ Warning ]
Checking for TCP port 33369 [ Not found ]
Checking for TCP port 47107 [ Not found ]
Checking for TCP port 47018 [ Not found ]
Checking for TCP port 60922 [ Not found ]
Checking for TCP port 62883 [ Not found ]
Checking for TCP port 65535 [ Not found ]

Performing checks on the network interfaces
Checking for promiscuous interfaces [ None found ]

[Press <ENTER> to continue]


Checking the local host...

Performing system boot checks
Checking for local host name [ Found ]
Checking for system startup files [ Found ]
Checking system startup files for malware [ None found ]

Performing group and account checks
Checking for passwd file [ Found ]
Checking for root equivalent (UID 0) accounts [ None found ]
Checking for passwordless accounts [ None found ]
Checking for passwd file changes [ None found ]
Checking for group file changes [ None found ]
Checking root account shell history files [ OK ]

Performing system configuration file checks
Checking for SSH configuration file [ Not found ]
Checking for running syslog daemon [ Found ]
Checking for syslog configuration file [ Found ]
Checking if syslog remote logging is allowed [ Not allowed ]

Performing filesystem checks
Checking /dev for suspicious file types [ Warning ]
Checking for hidden files and directories [ Warning ]

[Press <ENTER> to continue]



System checks summary
=====================

File properties checks...
Files checked: 134
Suspect files: 0

Rootkit checks...
Rootkits checked : 242
Possible rootkits: 0

Applications checks...
All checks skipped

The system checks took: 3 minutes and 38 seconds

All results have been written to the log file (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)

im@im:~$