Updating rkhunter dat

    Checking installation directories:
    Directory /usr/local/share/doc/rkhunter-1.4.2: creating: OK
    Directory /usr/local/share/man/man8: exists and is writable.

Create the following file with the help of your favourite editor.

    #!/bin/sh
    # Check for a newer rkhunter release, refresh the data files, then run the
    # scan in cron mode and mail only the warnings.
    (
    /usr/local/bin/rkhunter --versioncheck
    /usr/local/bin/rkhunter --update
    /usr/local/bin/rkhunter --cronjob --report-warnings-only
    ) | /bin/mail -s 'rkhunter Daily Run (Put Your Server Name Here)' [email protected]

    [ Rootkit Hunter version 1.4.2 ]
    Checking system commands...
    Performing 'strings' command checks
    Checking 'strings' command [ OK ]
    Performing 'shared libraries' checks
    Checking for preloading variables [ None found ]
    Checking for preloaded libraries [ None found ]
    Checking LD_LIBRARY_PATH variable [ Not found ]
    Performing file properties checks
    Checking for prerequisites [ OK ]
    /usr/local/bin/rkhunter [ OK ]
    /usr/sbin/adduser [ OK ]
    /usr/sbin/chkconfig [ OK ]
    /usr/sbin/chroot [ OK ]
    /usr/sbin/depmod [ OK ]
    /usr/sbin/fsck [ OK ]
    /usr/sbin/fuser [ OK ]
    /usr/sbin/groupadd [ OK ]
    /usr/sbin/groupdel [ OK ]
    /usr/sbin/groupmod [ OK ]
    /usr/sbin/grpck [ OK ]
    /usr/sbin/ifconfig [ OK ]
    /usr/sbin/ifdown [ Warning ]
    /usr/sbin/ifup [ Warning ]
    /usr/sbin/init [ OK ]
    /usr/sbin/insmod [ OK ]
    /usr/sbin/ip [ OK ]
    /usr/sbin/lsmod [ OK ]
    /usr/sbin/lsof [ OK ]
    /usr/sbin/modinfo [ OK ]
    /usr/sbin/modprobe [ OK ]
    /usr/sbin/nologin [ OK ]
    /usr/sbin/pwck [ OK ]
    /usr/sbin/rmmod [ OK ]
    /usr/sbin/route [ OK ]
    /usr/sbin/rsyslogd [ OK ]
    /usr/sbin/runlevel [ OK ]
    /usr/sbin/sestatus [ OK ]
    /usr/sbin/sshd [ OK ]
    /usr/sbin/sulogin [ OK ]
    /usr/sbin/sysctl [ OK ]
    /usr/sbin/tcpd [ OK ]
    /usr/sbin/useradd [ OK ]
    /usr/sbin/userdel [ OK ]
    /usr/sbin/usermod [ OK ]
    ....
    Performing check of known rootkit files and directories
    55808 Trojan - Variant A [ Not found ]
    ADM Worm [ Not found ]
    Aja Kit Rootkit [ Not found ]
    Adore Rootkit [ Not found ]
    a Pa Kit [ Not found ]
    .....

Antivirus software came into use, but was updated relatively infrequently.

    Checking system for:
    Rootkit Hunter installer files: found
    A web file download command: wget found
    Starting installation:
    Checking installation directory "/usr/local": it exists and is writable.
    Directory /usr/local/lib64: exists and is writable.

    Checking file [ No update ]
    Checking file programs_[ Updated ]
    Checking file [ No update ]
    Checking file [ No update ]
    Checking file i18n/cn [ No update ]
    Checking file i18n/de [ No update ]
    Checking file i18n/en [ No update ]
    Checking file i18n/tr [ No update ]
    Checking file i18n/tr.utf8 [ No update ]
    Checking file i18n/zh [ No update ]
    Checking file i18n/zh.utf8 [ No update ]

    [ Rootkit Hunter version 1.4.2 ]
    File created: searched for 174 files, found 137

Create a file called under /etc/cron.daily/, which then scans your file system every day and sends email notifications to your email id.

On the assumption that AntiVir Personal on Linux does not look for rootkits, I also installed -rkhunter- (manually) and ran it.

Beyond that, my review of the named files runs up against the limits of my knowledge. in the file -groups- the text were to read "..set up the group -Böser Finger-.", I could assess it, but as it is I cannot.

After that, run rkhunter --propupd and read through the configuration file /etc/ (possibly

I just wonder what I with the extended --check...

For one thing, it is said here in the forum that -rkhunter- is apparently somewhat sensitive (overcritical).

You could try "sudo rkhunter --check --pkgmgr dpkg"; then it checks the md5 hashes from dpkg against your files, and then the errors should be gone.

Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats.

So with --check you have not excluded anything at all (it is the same as -c), rather with --pkgmgr dpkg; with this option rkhunter checks the hashes from the package manager on Ubuntu.
