Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [root@cobalt mnist]# cat /var/mail/root
- From root@cobalt.localdomain Tue May 26 07:18:50 2015
- Return-Path: <root@cobalt.localdomain>
- X-Original-To: root@localhost
- Delivered-To: root@localhost.localdomain
- Received: by cobalt.localdomain (Postfix, from userid 0)
- id BE0D3421B07F; Tue, 26 May 2015 07:18:50 +0800 (PHT)
- Date: Tue, 26 May 2015 07:18:50 +0800
- To: root@localhost.localdomain
- Subject: rkhunter Daily Run on cobalt
- User-Agent: Heirloom mailx 12.5 7/5/10
- MIME-Version: 1.0
- Content-Type: text/plain; charset=us-ascii
- Content-Transfer-Encoding: 7bit
- Message-Id: <20150525231850.BE0D3421B07F@cobalt.localdomain>
- From: root@cobalt.localdomain (root)
- --------------------- Start Rootkit Hunter Update ---------------------
- [ Rootkit Hunter version 1.4.2 ]
- Checking rkhunter data files...
- Checking file mirrors.dat [ Update failed ]
- Checking file programs_bad.dat [ Update failed ]
- Checking file backdoorports.dat [ Update failed ]
- Checking file suspscan.dat [ Update failed ]
- Checking file i18n versions [ Update failed ]
- Please check the log file (/var/log/rkhunter/rkhunter.log)
- ---------------------- Start Rootkit Hunter Scan ----------------------
- Warning: Checking for prerequisites [ Warning ]
- The file of stored file properties (rkhunter.dat) does not exist, and should be created. To do this type in 'rkhunter --propupd'.
- Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
- is used, all the files on their system are known to be genuine, and installed from a
- reliable source. The rkhunter '--check' option will compare the current file properties
- against previously stored values, and report if any values differ. However, rkhunter
- cannot determine what has caused the change, that is for the user to do.
- Warning: The command '/usr/sbin/ifdown' has been replaced by a script: /usr/sbin/ifdown: Bourne-Again shell script, ASCII text executable
- Warning: The command '/usr/sbin/ifup' has been replaced by a script: /usr/sbin/ifup: Bourne-Again shell script, ASCII text executable
- Warning: The command '/usr/bin/egrep' has been replaced by a script: /usr/bin/egrep: POSIX shell script, ASCII text executable
- Warning: The command '/usr/bin/fgrep' has been replaced by a script: /usr/bin/fgrep: POSIX shell script, ASCII text executable
- Warning: Unable to check for passwd file differences: no copy of the passwd file exists.
- Warning: Unable to check for group file differences: no copy of the group file exists.
- ----------------------- End Rootkit Hunter Scan -----------------------
- From root@cobalt.localdomain Tue May 26 07:18:50 2015
- Return-Path: <root@cobalt.localdomain>
- X-Original-To: root
- Delivered-To: root@cobalt.localdomain
- Received: by cobalt.localdomain (Postfix, from userid 0)
- id D29E841D3073; Tue, 26 May 2015 07:18:50 +0800 (PHT)
- From: Anacron <root@cobalt.localdomain>
- To: root@cobalt.localdomain
- Content-Type: text/plain; charset="UTF-8"
- Subject: Anacron job 'cron.daily' on cobalt
- Message-Id: <20150525231850.D29E841D3073@cobalt.localdomain>
- Date: Tue, 26 May 2015 07:18:50 +0800 (PHT)
- /etc/cron.daily/logrotate:
- error: stat of /var/log/rkhunter/rkhunter.log failed: No such file or directory
- From root@cobalt.localdomain Wed May 27 16:07:07 2015
- Return-Path: <root@cobalt.localdomain>
- X-Original-To: root@localhost
- Delivered-To: root@localhost.localdomain
- Received: by cobalt.localdomain (Postfix, from userid 0)
- id 70BF64894FF7; Wed, 27 May 2015 16:07:07 +0800 (PHT)
- Date: Wed, 27 May 2015 16:07:07 +0800
- To: root@localhost.localdomain
- Subject: rkhunter Daily Run on cobalt
- User-Agent: Heirloom mailx 12.5 7/5/10
- MIME-Version: 1.0
- Content-Type: text/plain; charset=us-ascii
- Content-Transfer-Encoding: 7bit
- Message-Id: <20150527080707.70BF64894FF7@cobalt.localdomain>
- From: root@cobalt.localdomain (root)
- --------------------- Start Rootkit Hunter Update ---------------------
- [ Rootkit Hunter version 1.4.2 ]
- Checking rkhunter data files...
- Checking file mirrors.dat [ Update failed ]
- Checking file programs_bad.dat [ Update failed ]
- Checking file backdoorports.dat [ Update failed ]
- Checking file suspscan.dat [ Update failed ]
- Checking file i18n versions [ Update failed ]
- Please check the log file (/var/log/rkhunter/rkhunter.log)
- ---------------------- Start Rootkit Hunter Scan ----------------------
- Warning: Checking for prerequisites [ Warning ]
- The file of stored file properties (rkhunter.dat) does not exist, and should be created. To do this type in 'rkhunter --propupd'.
- Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
- is used, all the files on their system are known to be genuine, and installed from a
- reliable source. The rkhunter '--check' option will compare the current file properties
- against previously stored values, and report if any values differ. However, rkhunter
- cannot determine what has caused the change, that is for the user to do.
- Warning: The command '/usr/sbin/ifdown' has been replaced by a script: /usr/sbin/ifdown: Bourne-Again shell script, ASCII text executable
- Warning: The command '/usr/sbin/ifup' has been replaced by a script: /usr/sbin/ifup: Bourne-Again shell script, ASCII text executable
- Warning: The command '/usr/bin/egrep' has been replaced by a script: /usr/bin/egrep: POSIX shell script, ASCII text executable
- Warning: The command '/usr/bin/fgrep' has been replaced by a script: /usr/bin/fgrep: POSIX shell script, ASCII text executable
- Warning: User 'usbmuxd' has been added to the passwd file.
- Warning: User 'rtkit' has been added to the passwd file.
- Warning: User 'pulse' has been added to the passwd file.
- Warning: User 'colord' has been added to the passwd file.
- Warning: User 'gdm' has been added to the passwd file.
- Warning: User 'saslauth' has been added to the passwd file.
- Warning: User 'unbound' has been added to the passwd file.
- Warning: Group 'usbmuxd' has been added to the group file.
- Warning: Group 'rtkit' has been added to the group file.
- Warning: Group 'pulse-access' has been added to the group file.
- Warning: Group 'pulse' has been added to the group file.
- Warning: Group 'colord' has been added to the group file.
- Warning: Group 'gdm' has been added to the group file.
- Warning: Group 'slocate' has been added to the group file.
- Warning: Group 'saslauth' has been added to the group file.
- Warning: Group 'unbound' has been added to the group file.
- ----------------------- End Rootkit Hunter Scan -----------------------
- From root@cobalt.localdomain Thu May 28 04:12:04 2015
- Return-Path: <root@cobalt.localdomain>
- X-Original-To: root@localhost
- Delivered-To: root@localhost.localdomain
- Received: by cobalt.localdomain (Postfix, from userid 0)
- id D985D4586EAB; Thu, 28 May 2015 04:12:03 +0800 (PHT)
- Date: Thu, 28 May 2015 04:12:03 +0800
- To: root@localhost.localdomain
- Subject: rkhunter Daily Run on cobalt
- User-Agent: Heirloom mailx 12.5 7/5/10
- MIME-Version: 1.0
- Content-Type: text/plain; charset=us-ascii
- Content-Transfer-Encoding: 7bit
- Message-Id: <20150527201203.D985D4586EAB@cobalt.localdomain>
- From: root@cobalt.localdomain (root)
- --------------------- Start Rootkit Hunter Update ---------------------
- [ Rootkit Hunter version 1.4.2 ]
- Checking rkhunter data files...
- Checking file mirrors.dat [ Update failed ]
- Checking file programs_bad.dat [ Update failed ]
- Checking file backdoorports.dat [ Update failed ]
- Checking file suspscan.dat [ Update failed ]
- Checking file i18n versions [ Update failed ]
- Please check the log file (/var/log/rkhunter/rkhunter.log)
- ---------------------- Start Rootkit Hunter Scan ----------------------
- Warning: Checking for prerequisites [ Warning ]
- The file of stored file properties (rkhunter.dat) does not exist, and should be created. To do this type in 'rkhunter --propupd'.
- Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
- is used, all the files on their system are known to be genuine, and installed from a
- reliable source. The rkhunter '--check' option will compare the current file properties
- against previously stored values, and report if any values differ. However, rkhunter
- cannot determine what has caused the change, that is for the user to do.
- Warning: The command '/usr/sbin/ifdown' has been replaced by a script: /usr/sbin/ifdown: Bourne-Again shell script, ASCII text executable
- Warning: The command '/usr/sbin/ifup' has been replaced by a script: /usr/sbin/ifup: Bourne-Again shell script, ASCII text executable
- Warning: The command '/usr/bin/egrep' has been replaced by a script: /usr/bin/egrep: POSIX shell script, ASCII text executable
- Warning: The command '/usr/bin/fgrep' has been replaced by a script: /usr/bin/fgrep: POSIX shell script, ASCII text executable
- ----------------------- End Rootkit Hunter Scan -----------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement