- [11:02:16] Starting system checks...
- [11:02:21] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
- [11:02:24] Info: Found file '/usr/bin/egrep': it is whitelisted for the 'script replacement' check.
- [11:02:24] Info: Found file '/usr/bin/fgrep': it is whitelisted for the 'script replacement' check.
- [11:02:25] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
- [11:02:29] Info: Found file '/usr/bin/which': it is whitelisted for the 'script replacement' check.
- [11:02:29] /usr/bin/lwp-request [ Warning ]
- [11:02:29] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable
- [11:05:49] Info: Starting test name 'ipc_shared_mem'
- [11:05:49] Info: The minimum shared memory segment size to be checked (in bytes): 1048576 (1.0MB)
- [11:05:49] Checking for suspicious (large) shared memory segments [ Warning ]
- [11:05:49] Warning: The following suspicious (large) shared memory segments have been found:
- [11:05:49] Process: /usr/bin/mate-panel PID: 1820 Owner: xxxxx Size: 1.0MB (configured size allowed: 1.0MB)
- [11:05:49] Process: /usr/lib/x86_64-linux-gnu/polkit-mate/polkit-mate-authentication-agent-1 PID: 1917 Owner: xxxxxx Size: 4.0MB (configured size allowed: 1.0MB)
- [11:05:49] Process: /usr/bin/mono-sgen PID: 2090 Owner: root Size: 4.0MB (configured size allowed: 1.0MB)
- [11:05:49] Process: /usr/bin/mate-screensaver PID: 1905 Owner: xxxxxx Size: 64MB (configured size allowed: 1.0MB)
- [11:05:49] Process: /usr/bin/mate-terminal PID: 2107 Owner: xxxxxx Size: 4.0MB (configured size allowed: 1.0MB)
- [11:05:49] Process: /usr/lib/mate-panel/clock-applet PID: 2043 Owner: xxxxx Size: 2.0MB (configured size allowed: 1.0MB)
- [11:05:49] Process: /usr/lib/eddie-ui/eddie-tray PID: 2112 Owner: xxxxx Size: 1.0MB (configured size allowed: 1.0MB)
- [11:05:49] Process: /usr/bin/caja PID: 1841 Owner: xxxxx Size: 4.0MB (configured size allowed: 1.0MB)
- [11:05:49] Process: /usr/bin/caja PID: 1841 Owner: xxxxx Size: 64MB (configured size allowed: 1.0MB)
- [11:05:49]
- [11:05:49] Info: Starting test name 'trojans'
- [11:05:59] Info: Starting test name 'startup_files'
- [11:05:59] Performing system boot checks
- [11:05:59] Checking for local host name [ Found ]
- [11:05:59]
- [11:05:59] Info: Starting test name 'startup_malware'
- [11:05:59] Checking for system startup files [ Found ]
- [11:06:02]
- [11:06:02] Info: Starting test name 'group_accounts'
- [11:06:02] Performing group and account checks
- [11:06:02] Checking for passwd file [ Found ]
- [11:06:02] Info: Starting test name 'system_configs_ssh'
- [11:06:02] Checking for an SSH configuration file [ Found ]
- [11:06:03] Info: Found an SSH configuration file: /etc/ssh/sshd_config
- [11:06:03] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
- [11:06:03] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'.
- [11:06:03] Checking if SSH root access is allowed [ Warning ]
- [11:06:03] Warning: The SSH configuration option 'PermitRootLogin' has not been set.
- The default value may be 'yes', to allow root access.
- [11:06:03] Checking if SSH protocol v1 is allowed [ Not set ]
- [11:06:03] Info: Starting test name 'system_configs_syslog'
- [11:06:03] Checking for a running system logging daemon [ Found ]
- [11:06:03] Info: A running 'rsyslog' daemon has been found.
- [11:06:03] Info: A running 'systemd-journald' daemon has been found.
- [11:06:03] Info: Found an rsyslog configuration file: /etc/rsyslog.conf
- [11:06:03] Info: Found a systemd configuration file: /etc/systemd/journald.conf
- [11:06:03] Checking for a system logging configuration file [ Found ]
- [11:06:03] Checking if syslog remote logging is allowed [ Not allowed ]
- [11:06:03]
- [11:06:03] Info: Starting test name 'filesystem'
- [11:06:03] Performing filesystem checks
- [11:06:03] Info: SCAN_MODE_DEV set to 'THOROUGH'
- [11:06:04] Checking /dev for suspicious file types [ Warning ]
- [11:06:04] Warning: Suspicious file types found in /dev:
- [11:06:04] /dev/shm/mono.2090: data
- [11:06:04] /dev/shm/mono.2069: data
- [11:06:05] Checking for hidden files and directories [ Warning ]
- [11:06:05] Warning: Hidden directory found: /etc/.java
- [11:06:05] Checking for missing log files [ Skipped ]
- [11:06:05] Info: No missing log file names configured.
- [11:06:05] Checking for empty log files [ Skipped ]
- [11:06:05] Info: No empty log file names configured.
- [11:06:15]
- [11:06:15] System checks summary
- [11:06:15] =====================
- [11:06:15]
- [11:06:15] File properties checks...
- [11:06:15] Files checked: 151
- [11:06:15] Suspect files: 1
- [11:06:15]
- [11:06:15] Rootkit checks...
- [11:06:15] Rootkits checked : 501
- [11:06:15] Possible rootkits: 9
- [11:06:15]
- [11:06:15] Applications checks...
- [11:06:16] All checks skipped
- [11:06:16]
- [11:06:16] The system checks took: 3 minutes and 59 seconds