| |
| |||||||
Alles rund um Mac OSX & Linux: Ubuntu Trusty - IP- Bannend - rkhunter Suspect files: 42Windows 7 Für alle Fragen rund um Mac OSX, Linux und andere Unix-Derivate. |
19.01.2016, 21:57
| #1 |
| |  Ubuntu Trusty - IP- Bannend - rkhunter Suspect files: 42 Moin, dass man bei rkhunter nicht gleich in Paranoia verfallen muß - sollte klar sein. Doch da habe ich gerade meine zweifel, daher folgendes; IP-Bannend auf Seiten, wo ich garnicht angemeldet bin - bzw. nicht aufrufbar, rkhunter meldet Suspect files: 42 !!! Normal? [CODE][20:50:11] Running Rootkit Hunter version 1.4.0 on hp72-Pavilion-ZV6000-PZ983EA-ABD [20:50:11] [20:50:11] Info: Start date is Di 19. Jan 20:50:11 CET 2016 [20:50:11] [20:50:11] Checking configuration file and command-line options... [20:50:11] Info: Detected operating system is 'Linux' [20:50:11] Info: Found O/S name: Ubuntu 14.04.3 LTS [20:50:11] Info: Command line is /usr/bin/rkhunter -c [20:50:11] Info: Environment shell is /bin/bash; rkhunter is using dash [20:50:11] Info: Using configuration file '/etc/rkhunter.conf' [20:50:11] Info: Installation directory is '/usr' [20:50:11] Info: Using language 'en' [20:50:11] Info: Using '/var/lib/rkhunter/db' as the database directory [20:50:11] Info: Using '/usr/share/rkhunter/scripts' as the support script directory [20:50:11] Info: Using '/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin' as the command directories [20:50:11] Info: Using '/var/lib/rkhunter/tmp' as the temporary directory [20:50:11] Info: No mail-on-warning address configured [20:50:11] Info: X will be automatically detected [20:50:11] Info: Using second color set [20:50:11] Info: Found the 'basename' command: /usr/bin/basename [20:50:11] Info: Found the 'diff' command: /usr/bin/diff [20:50:11] Info: Found the 'dirname' command: /usr/bin/dirname [20:50:11] Info: Found the 'file' command: /usr/bin/file [20:50:11] Info: Found the 'find' command: /usr/bin/find [20:50:11] Info: Found the 'ifconfig' command: /sbin/ifconfig [20:50:11] Info: Found the 'ip' command: /sbin/ip [20:50:11] Info: Found the 'ldd' command: /usr/bin/ldd [20:50:11] Info: Found the 'lsattr' command: /usr/bin/lsattr [20:50:11] Info: Found the 'lsmod' command: /sbin/lsmod [20:50:11] Info: Found the 'lsof' command: /usr/bin/lsof [20:50:11] Info: Found the 'mktemp' command: /bin/mktemp [20:50:11] Info: Found the 'netstat' command: /bin/netstat [20:50:11] Info: Found the 'perl' command: /usr/bin/perl [20:50:11] Info: Found the 'pgrep' command: /usr/bin/pgrep [20:50:11] Info: Found the 'ps' command: /bin/ps [20:50:11] Info: Found the 'pwd' command: /bin/pwd [20:50:11] Info: Found the 'readlink' command: /bin/readlink [20:50:11] Info: Found the 'stat' command: /usr/bin/stat [20:50:11] Info: Found the 'strings' command: /usr/bin/strings [20:50:11] Info: System is not using prelinking [20:50:11] Info: Using the '/usr/bin/sha1sum' command for the file hash checks [20:50:11] Info: Stored hash values used hash function '/usr/bin/sha1sum' [20:50:11] Info: Stored hash values did not use a package manager [20:50:11] Info: The hash function field index is set to 1 [20:50:11] Info: No package manager specified: using hash function '/usr/bin/sha1sum' [20:50:11] Info: Previous file attributes were stored [20:50:11] Info: Enabled tests are: all [20:50:11] Info: Disabled tests are: suspscan hidden_procs deleted_files packet_cap_apps apps [20:50:11] Info: Found ksym file '/proc/kallsyms' [20:50:11] Info: Using 'date' to process epoch second times [20:50:11] [20:50:11] Checking if the O/S has changed since last time... [20:50:11] Info: Nothing seems to have changed. [20:50:12] Info: Locking is not being used [20:50:12] [20:50:12] Starting system checks... [20:50:12] [20:50:12] Info: Starting test name 'system_commands' [20:50:12] Checking system commands... [20:50:12] [20:50:12] Info: Starting test name 'strings' [20:50:12] Performing 'strings' command checks [20:50:12] Scanning for string /usr/sbin/ntpsx [ OK ] [20:50:12] Scanning for string /usr/sbin/.../bkit-ava [ OK ] [20:50:12] Scanning for string /usr/sbin/.../bkit-d [ OK ] [20:50:12] Scanning for string /usr/sbin/.../bkit-shd [ OK ] [20:50:12] Scanning for string /usr/sbin/.../bkit-f [ OK ] [20:50:12] Scanning for string /usr/include/.../proc.h [ OK ] [20:50:12] Scanning for string /usr/include/.../.bash_history [ OK ] [20:50:12] Scanning for string /usr/include/.../bkit-get [ OK ] [20:50:12] Scanning for string /usr/include/.../bkit-dl [ OK ] [20:50:12] Scanning for string /usr/include/.../bkit-screen [ OK ] [20:50:12] Scanning for string /usr/include/.../bkit-sleep [ OK ] [20:50:12] Scanning for string /usr/lib/.../bkit-adore.o [ OK ] [20:50:12] Scanning for string /usr/lib/.../ls [ OK ] [20:50:12] Scanning for string /usr/lib/.../netstat [ OK ] [20:50:12] Scanning for string /usr/lib/.../lsof [ OK ] [20:50:12] Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg [ OK ] [20:50:12] Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk [ OK ] [20:50:12] Scanning for string /usr/lib/.../bkit-ssh/bkit-pw [ OK ] [20:50:12] Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs [ OK ] [20:50:13] Scanning for string /usr/lib/.../bkit-ssh/bkit-mots [ OK ] [20:50:13] Scanning for string /usr/lib/.../uconf.inv [ OK ] [20:50:13] Scanning for string /usr/lib/.../psr [ OK ] [20:50:13] Scanning for string /usr/lib/.../find [ OK ] [20:50:13] Scanning for string /usr/lib/.../pstree [ OK ] [20:50:13] Scanning for string /usr/lib/.../slocate [ OK ] [20:50:13] Scanning for string /usr/lib/.../du [ OK ] [20:50:13] Scanning for string /usr/lib/.../top [ OK ] [20:50:13] Scanning for string /usr/sbin/... [ OK ] [20:50:13] Scanning for string /usr/include/... [ OK ] [20:50:13] Scanning for string /usr/include/.../.tmp [ OK ] [20:50:13] Scanning for string /usr/lib/... [ OK ] [20:50:13] Scanning for string /usr/lib/.../.ssh [ OK ] [20:50:13] Scanning for string /usr/lib/.../bkit-ssh [ OK ] [20:50:13] Scanning for string /usr/lib/.bkit- [ OK ] [20:50:13] Scanning for string /tmp/.bkp [ OK ] [20:50:13] Scanning for string /tmp/.cinik [ OK ] [20:50:13] Scanning for string /tmp/.font-unix/.cinik [ OK ] [20:50:13] Scanning for string /lib/.sso [ OK ] [20:50:13] Scanning for string /lib/.so [ OK ] [20:50:13] Scanning for string /var/run/...dica/clean [ OK ] [20:50:13] Scanning for string /var/run/...dica/dxr [ OK ] [20:50:13] Scanning for string /var/run/...dica/read [ OK ] [20:50:13] Scanning for string /var/run/...dica/write [ OK ] [20:50:13] Scanning for string /var/run/...dica/lf [ OK ] [20:50:13] Scanning for string /var/run/...dica/xl [ OK ] [20:50:14] Scanning for string /var/run/...dica/xdr [ OK ] [20:50:14] Scanning for string /var/run/...dica/psg [ OK ] [20:50:14] Scanning for string /var/run/...dica/secure [ OK ] [20:50:14] Scanning for string /var/run/...dica/rdx [ OK ] [20:50:14] Scanning for string /var/run/...dica/va [ OK ] [20:50:14] Scanning for string /var/run/...dica/cl.sh [ OK ] [20:50:14] Scanning for string /var/run/...dica/last.log [ OK ] [20:50:14] Scanning for string /usr/bin/.etc [ OK ] [20:50:14] Scanning for string /etc/sshd_config [ OK ] [20:50:14] Scanning for string /etc/ssh_host_key [ OK ] [20:50:14] Scanning for string /etc/ssh_random_seed [ OK ] [20:50:14] Scanning for string /dev/ptyp [ OK ] [20:50:14] Scanning for string /dev/ptyq [ OK ] [20:50:14] Scanning for string /dev/ptyr [ OK ] [20:50:14] Scanning for string /dev/ptys [ OK ] [20:50:14] Scanning for string /dev/ptyt [ OK ] [20:50:14] Scanning for string /dev/fd/.88/freshb-bsd [ OK ] [20:50:14] Scanning for string /dev/fd/.88/fresht [ OK ] [20:50:14] Scanning for string /dev/fd/.88/zxsniff [ OK ] [20:50:14] Scanning for string /dev/fd/.88/zxsniff.log [ OK ] [20:50:14] Scanning for string /dev/fd/.99/.ttyf00 [ OK ] [20:50:14] Scanning for string /dev/fd/.99/.ttyp00 [ OK ] [20:50:14] Scanning for string /dev/fd/.99/.ttyq00 [ OK ] [20:50:14] Scanning for string /dev/fd/.99/.ttys00 [ OK ] [20:50:14] Scanning for string /dev/fd/.99/.pwsx00 [ OK ] [20:50:14] Scanning for string /etc/.acid [ OK ] [20:50:14] Scanning for string /usr/lib/.fx/sched_host.2 [ OK ] [20:50:14] Scanning for string /usr/lib/.fx/random_d.2 [ OK ] [20:50:15] Scanning for string /usr/lib/.fx/set_pid.2 [ OK ] [20:50:15] Scanning for string /usr/lib/.fx/setrgrp.2 [ OK ] [20:50:15] Scanning for string /usr/lib/.fx/TOHIDE [ OK ] [20:50:15] Scanning for string /usr/lib/.fx/cons.saver [ OK ] [20:50:15] Scanning for string /usr/lib/.fx/adore/ava/ava [ OK ] [20:50:15] Scanning for string /usr/lib/.fx/adore/adore/adore.ko [ OK ] [20:50:15] Scanning for string /bin/sysback [ OK ] [20:50:15] Scanning for string /usr/local/bin/sysback [ OK ] [20:50:15] Scanning for string /usr/lib/.tbd [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/t0rns [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/du [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/ls [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/t0rnsb [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/ps [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/t0rnp [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/find [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/ifconfig [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/pg [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/ssh.tgz [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/top [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/sz [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/login [ OK ] [20:50:15] Scanning for string /dev/.lib/lib/lib/in.fingerd [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/1i0n.sh [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/pstree [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/in.telnetd [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/mjy [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/sush [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/tfn [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/name [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/getip.sh [ OK ] [20:50:16] Scanning for string /usr/info/.torn/sh* [ OK ] [20:50:16] Scanning for string /usr/src/.puta/.1addr [ OK ] [20:50:16] Scanning for string /usr/src/.puta/.1file [ OK ] [20:50:16] Scanning for string /usr/src/.puta/.1proc [ OK ] [20:50:16] Scanning for string /usr/src/.puta/.1logz [ OK ] [20:50:16] Scanning for string /usr/info/.t0rn [ OK ] [20:50:16] Scanning for string /dev/.lib [ OK ] [20:50:16] Scanning for string /dev/.lib/lib [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/lib/dev [ OK ] [20:50:16] Scanning for string /dev/.lib/lib/scan [ OK ] [20:50:16] Scanning for string /usr/src/.puta [ OK ] [20:50:16] Scanning for string /usr/man/man1/man1 [ OK ] [20:50:16] Scanning for string /usr/man/man1/man1/lib [ OK ] [20:50:16] Scanning for string /usr/man/man1/man1/lib/.lib [ OK ] [20:50:16] Scanning for string /usr/man/man1/man1/lib/.lib/.backup [ OK ] [20:50:16] [20:50:16] Info: Starting test name 'shared_libs' [20:50:16] Performing 'shared libraries' checks [20:50:16] Checking for preloading variables [ None found ] [20:50:17] Checking for preloaded libraries [ None found ] [20:50:17] [20:50:17] Info: Starting test name 'shared_libs_path' [20:50:17] Checking LD_LIBRARY_PATH variable [ Not found ] [20:50:17] [20:50:17] Info: Starting test name 'properties' [20:50:17] Performing file properties checks [20:50:17] Checking for prerequisites [ OK ] [20:50:20] /usr/sbin/adduser [ OK ] [20:50:20] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check. [20:50:20] /usr/sbin/chroot [ Warning ] [20:50:20] Warning: The file properties have changed: [20:50:20] File: /usr/sbin/chroot [20:50:20] Current hash: 8494af77719654704445c03826606674d47f8034 [20:50:20] Stored hash : 877ef64429a0a96b18a270b81125bbc13d7d1b03 [20:50:20] Current inode: 1978484 Stored inode: 1964056 [20:50:20] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:20] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:20] /usr/sbin/cron [ OK ] [20:50:21] /usr/sbin/groupadd [ OK ] [20:50:21] /usr/sbin/groupdel [ OK ] [20:50:21] /usr/sbin/groupmod [ OK ] [20:50:21] /usr/sbin/grpck [ OK ] [20:50:22] /usr/sbin/nologin [ OK ] [20:50:22] /usr/sbin/pwck [ OK ] [20:50:22] /usr/sbin/rsyslogd [ OK ] [20:50:22] /usr/sbin/tcpd [ OK ] [20:50:23] /usr/sbin/useradd [ OK ] [20:50:23] /usr/sbin/userdel [ OK ] [20:50:23] /usr/sbin/usermod [ OK ] [20:50:23] /usr/sbin/vipw [ OK ] [20:50:23] /usr/bin/awk [ OK ] [20:50:23] /usr/bin/basename [ Warning ] [20:50:23] Warning: The file properties have changed: [20:50:23] File: /usr/bin/basename [20:50:23] Current hash: d1382f9d8f56097b3b1c13d57fd550760faf1ab4 [20:50:23] Stored hash : 63f41a87d0dc5c8179a82c88316bbb0413f0adb2 [20:50:23] Current inode: 1978429 Stored inode: 1964074 [20:50:23] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:23] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:24] /usr/bin/chattr [ OK ] [20:50:24] /usr/bin/cut [ Warning ] [20:50:24] Warning: The file properties have changed: [20:50:24] File: /usr/bin/cut [20:50:24] Current hash: efcec67fc6d9bf6b70cebeab84dc4afc80de4baa [20:50:24] Stored hash : 7c154757f2d949afb0674d4d74924be850e945e3 [20:50:24] Current inode: 1978417 Stored inode: 1964694 [20:50:24] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:24] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:24] /usr/bin/diff [ OK ] [20:50:24] /usr/bin/dirname [ Warning ] [20:50:24] Warning: The file properties have changed: [20:50:24] File: /usr/bin/dirname [20:50:24] Current hash: af7966db06328023596c9818c03058fde0d8b6f8 [20:50:24] Stored hash : 883fb7a1784d92e74edc2b296d8f47d73febca5b [20:50:24] Current inode: 1978457 Stored inode: 1964064 [20:50:24] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:24] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:24] /usr/bin/dpkg [ OK ] [20:50:25] /usr/bin/dpkg-query [ OK ] [20:50:25] /usr/bin/du [ Warning ] [20:50:25] Warning: The file properties have changed: [20:50:25] File: /usr/bin/du [20:50:25] Current hash: 2e267de983d65bc69197decab7121e0f02d0ef64 [20:50:25] Stored hash : 39abfdfa8d1ff2d985655c2a70e312bb02a13deb [20:50:25] Current inode: 1978450 Stored inode: 1964070 [20:50:25] Current size: 108420 Stored size: 108388 [20:50:25] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:25] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:25] /usr/bin/env [ Warning ] [20:50:25] Warning: The file properties have changed: [20:50:25] File: /usr/bin/env [20:50:25] Current hash: ae2be25185e9f6e165c6ed345c7bf40652d0ee42 [20:50:25] Stored hash : bcbe71ed35bd56e6c3e1ad5194e932efcba4cfd3 [20:50:25] Current inode: 1978456 Stored inode: 1964696 [20:50:25] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:25] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:25] /usr/bin/file [ OK ] [20:50:25] /usr/bin/find [ OK ] [20:50:26] /usr/bin/GET [ OK ] [20:50:26] /usr/bin/groups [ Warning ] [20:50:26] Warning: The file properties have changed: [20:50:26] File: /usr/bin/groups [20:50:26] Current hash: 71067962d4119749617db69e7753d720983edf97 [20:50:26] Stored hash : ee33bc77992bd7e6e7235cd3dc582acc40a9f15d [20:50:26] Current inode: 1978419 Stored inode: 1964682 [20:50:26] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:26] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:26] Info: Found file '/usr/bin/groups': it is whitelisted for the 'script replacement' check. [20:50:26] /usr/bin/head [ Warning ] [20:50:26] Warning: The file properties have changed: [20:50:26] File: /usr/bin/head [20:50:26] Current hash: 77803f0357c0096090b5b2f3e1484385a8b0ae9c [20:50:26] Stored hash : 8900899be74397d95d5a960d91967fe322bef36e [20:50:26] Current inode: 1978474 Stored inode: 1964086 [20:50:26] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:26] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:26] /usr/bin/id [ Warning ] [20:50:26] Warning: The file properties have changed: [20:50:26] File: /usr/bin/id [20:50:26] Current hash: 2f697cbd2210e535a56b8227d2694b511655e1f0 [20:50:26] Stored hash : 61d5a4b61cf7532514adc7fca91b1c9ca8045798 [20:50:26] Current inode: 1978475 Stored inode: 1964092 [20:50:27] Current file modification time: 1449162951 (03-Dez-2015 18:15:52) [20:50:27] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:27] /usr/bin/killall [ OK ] [20:50:27] /usr/bin/last [ OK ] [20:50:27] /usr/bin/lastlog [ OK ] [20:50:27] /usr/bin/ldd [ OK ] [20:50:27] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check. [20:50:27] /usr/bin/less [ OK ] [20:50:27] /usr/bin/locate [ OK ] [20:50:28] /usr/bin/logger [ OK ] [20:50:28] /usr/bin/lsattr [ OK ] [20:50:28] /usr/bin/lsof [ OK ] [20:50:28] /usr/bin/md5sum [ Warning ] [20:50:28] Warning: The file properties have changed: [20:50:28] File: /usr/bin/md5sum [20:50:28] Current hash: cd29d2c446cd1b5a552516908b706e05def7defc [20:50:28] Stored hash : b705bb61615a46a6759aef63719b1f9f50037780 [20:50:28] Current inode: 1978453 Stored inode: 1964101 [20:50:28] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:28] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:28] /usr/bin/mlocate [ OK ] [20:50:28] /usr/bin/newgrp [ OK ] [20:50:29] /usr/bin/passwd [ OK ] [20:50:29] /usr/bin/perl [ OK ] [20:50:29] /usr/bin/pgrep [ OK ] [20:50:29] /usr/bin/pkill [ OK ] [20:50:29] /usr/bin/pstree [ OK ] [20:50:29] /usr/bin/rkhunter [ OK ] [20:50:29] /usr/bin/runcon [ Warning ] [20:50:29] Warning: The file properties have changed: [20:50:29] File: /usr/bin/runcon [20:50:29] Current hash: 904b95e851e6530e2d1d5de3e7fa111781ecd8ef [20:50:29] Stored hash : 5ac5a6f3bbd643f192949c089d14e4c06b43da47 [20:50:29] Current inode: 1978455 Stored inode: 1964688 [20:50:29] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:29] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:30] /usr/bin/sha1sum [ Warning ] [20:50:30] Warning: The file properties have changed: [20:50:30] File: /usr/bin/sha1sum [20:50:30] Current hash: f96f234ac46317d184fedffd0770425dda7cab5d [20:50:30] Stored hash : e1c97e4bee27c3a61c2e1acbe525bac643191e38 [20:50:30] Current inode: 1978412 Stored inode: 1964685 [20:50:30] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:30] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:30] /usr/bin/sha224sum [ Warning ] [20:50:30] Warning: The file properties have changed: [20:50:30] File: /usr/bin/sha224sum [20:50:30] Current hash: 2da093ac030b6fb258aa3279842e2703fb38f2a6 [20:50:30] Stored hash : a97fb478bb70c990bc8fbaccae0b03cbf48d1951 [20:50:30] Current inode: 1978434 Stored inode: 1964689 [20:50:30] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:30] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:30] /usr/bin/sha256sum [ Warning ] [20:50:30] Warning: The file properties have changed: [20:50:30] File: /usr/bin/sha256sum [20:50:30] Current hash: 85c6866ac2beeae54519045930f3476271fdc2c2 [20:50:30] Stored hash : ec2b37aca9c47110f507e8ec8b33e72316e1c909 [20:50:30] Current inode: 1978445 Stored inode: 1964691 [20:50:30] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:30] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:30] /usr/bin/sha384sum [ Warning ] [20:50:30] Warning: The file properties have changed: [20:50:31] File: /usr/bin/sha384sum [20:50:31] Current hash: 494d940f03446d357a3135bf139738c725d81df4 [20:50:31] Stored hash : e8507617a0dd289398ea320905dc34b59c12eaff [20:50:31] Current inode: 1978472 Stored inode: 1964073 [20:50:31] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:31] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:31] /usr/bin/sha512sum [ Warning ] [20:50:31] Warning: The file properties have changed: [20:50:31] File: /usr/bin/sha512sum [20:50:31] Current hash: d44b75399df137e3e93c1105fa5b3fefa5739f51 [20:50:31] Stored hash : 1f051b98b9b70c9c6e9eafad533828f2ee2b7adf [20:50:31] Current inode: 1978452 Stored inode: 1964063 [20:50:31] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:31] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:31] /usr/bin/size [ OK ] [20:50:31] /usr/bin/sort [ Warning ] [20:50:31] Warning: The file properties have changed: [20:50:31] File: /usr/bin/sort [20:50:31] Current hash: 2c043a1e7df59ff256791130d864ce9dace8e81a [20:50:31] Stored hash : 56256fc35d3a7fc7f4d1be188db8e223d90d88d8 [20:50:31] Current inode: 1978421 Stored inode: 1964690 [20:50:31] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:31] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:31] /usr/bin/stat [ Warning ] [20:50:32] Warning: The file properties have changed: [20:50:32] File: /usr/bin/stat [20:50:32] Current hash: ab5b9d3a55961c0fd2271c850213e6dd7a12a758 [20:50:32] Stored hash : 8c7c7d2a178604435802600d92469acaee1cadab [20:50:32] Current inode: 1978428 Stored inode: 1964065 [20:50:32] Current size: 71496 Stored size: 67400 [20:50:32] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:32] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:32] /usr/bin/strace [ OK ] [20:50:32] /usr/bin/strings [ OK ] [20:50:32] /usr/bin/sudo [ OK ] [20:50:32] /usr/bin/tail [ Warning ] [20:50:32] Warning: The file properties have changed: [20:50:32] File: /usr/bin/tail [20:50:32] Current hash: 76d79fc2a9438342f1b08171cbfa23ce2e2dd7c1 [20:50:32] Stored hash : ef6164ce0c03e7febe45d8dee995c8e97b88d0d8 [20:50:32] Current inode: 1978469 Stored inode: 1964091 [20:50:32] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:32] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:32] /usr/bin/test [ Warning ] [20:50:32] Warning: The file properties have changed: [20:50:32] File: /usr/bin/test [20:50:32] Current hash: c49e99d0175b4382fc29cab83df5684f2a038d32 [20:50:33] Stored hash : ea6e89713ac86a281e8ae118bdf20bb1f8c48e24 [20:50:33] Current inode: 1978447 Stored inode: 1964677 [20:50:33] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:33] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:33] /usr/bin/top [ OK ] [20:50:33] /usr/bin/touch [ Warning ] [20:50:33] Warning: The file properties have changed: [20:50:33] File: /usr/bin/touch [20:50:33] Current hash: ce56499e4fc509da11b5d083ee8d49d81571452a [20:50:33] Stored hash : 03c68d835bdefac17cd027d44d54791dc96a155b [20:50:33] Current inode: 1978485 Stored inode: 1964700 [20:50:33] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:33] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:33] /usr/bin/tr [ Warning ] [20:50:33] Warning: The file properties have changed: [20:50:33] File: /usr/bin/tr [20:50:33] Current hash: 863ca69221033aa763f65bb35fef729caf5902f6 [20:50:33] Stored hash : 51e48399fd9cf52fb1788d9c8ecff84f66e24aeb [20:50:33] Current inode: 1978454 Stored inode: 1964695 [20:50:33] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:33] Stored file modification time : 1421207425 (14-Jan-2015 04:50:25) [20:50:33] /usr/bin/uniq [ Warning ] [20:50:33] Warning: The file properties have changed: [20:50:33] File: /usr/bin/uniq [20:50:33] Current hash: e0bd547c12273b350d84d52f0d18871ea6bbdbf6 [20:50:33] Stored hash : 3e9aae4df1e1913aeca6f707e3ee263530720b34 [20:50:34] Current inode: 1978416 Stored inode: 1964680 [20:50:34] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:34] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:34] /usr/bin/users [ Warning ] [20:50:34] Warning: The file properties have changed: [20:50:34] File: /usr/bin/users [20:50:34] Current hash: 207d6f8a43a7333b905fd6d0399101e8be54ec34 [20:50:34] Stored hash : c87e31a433f0f1dc1de3df824616e9a929bda9b3 [20:50:34] Current inode: 1978436 Stored inode: 1964088 [20:50:34] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:34] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:34] /usr/bin/vmstat [ OK ] [20:50:34] /usr/bin/w [ OK ] [20:50:34] /usr/bin/watch [ OK ] [20:50:34] /usr/bin/wc [ Warning ] [20:50:34] Warning: The file properties have changed: [20:50:34] File: /usr/bin/wc [20:50:34] Current hash: 8fbd02243f6d956ca9023ff4e1844bda5af98bd2 [20:50:34] Stored hash : 41c35aa7a6a1eef5512a219182ef6a705cab6954 [20:50:34] Current inode: 1978446 Stored inode: 1964674 [20:50:34] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:34] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:35] /usr/bin/wget [ OK ] [20:50:35] /usr/bin/whatis [ OK ] [20:50:35] /usr/bin/whereis [ OK ] [20:50:35] /usr/bin/which [ OK ] [20:50:35] /usr/bin/who [ Warning ] [20:50:35] Warning: The file properties have changed: [20:50:35] File: /usr/bin/who [20:50:35] Current hash: b633a30b92b8dc1aed07b1ae2f01552a522bc28c [20:50:35] Stored hash : 9ef70387e51ef76e4eab98211c9f2a92cdfac440 [20:50:35] Current inode: 1978418 Stored inode: 1964078 [20:50:35] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:35] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:35] /usr/bin/whoami [ Warning ] [20:50:35] Warning: The file properties have changed: [20:50:35] File: /usr/bin/whoami [20:50:35] Current hash: ea0134fc84e8a733d3cc020a8ef9d044f9ebad0a [20:50:35] Stored hash : 1c704bc0b26f95a4e1e2c0f5749c2c3b8d765987 [20:50:35] Current inode: 1978433 Stored inode: 1964679 [20:50:35] Current file modification time: 1449162951 (03-Dez-2015 18:15:51) [20:50:35] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:36] /usr/bin/unhide.rb [ Warning ] [20:50:36] Warning: The command '/usr/bin/unhide.rb' has been replaced by a script: /usr/bin/unhide.rb: Ruby script, ASCII text [20:50:36] /usr/bin/mawk [ OK ] [20:50:36] /usr/bin/lwp-request [ OK ] [20:50:36] Info: Found file '/usr/bin/lwp-request': it is whitelisted for the 'script replacement' check. [20:50:36] /usr/bin/w.procps [ OK ] [20:50:36] /sbin/depmod [ OK ] [20:50:37] /sbin/fsck [ OK ] [20:50:37] /sbin/ifconfig [ OK ] [20:50:37] /sbin/ifdown [ OK ] [20:50:37] /sbin/ifup [ OK ] [20:50:37] /sbin/init [ OK ] [20:50:37] /sbin/insmod [ OK ] [20:50:37] /sbin/ip [ OK ] [20:50:38] /sbin/lsmod [ OK ] [20:50:38] /sbin/modinfo [ OK ] [20:50:38] /sbin/modprobe [ OK ] [20:50:38] /sbin/rmmod [ OK ] [20:50:38] /sbin/route [ OK ] [20:50:38] /sbin/runlevel [ OK ] [20:50:39] /sbin/sulogin [ OK ] [20:50:39] /sbin/sysctl [ OK ] [20:50:39] /bin/bash [ OK ] [20:50:39] /bin/cat [ Warning ] [20:50:40] Warning: The file properties have changed: [20:50:40] File: /bin/cat [20:50:40] Current hash: 0a53b63b641dee10e9c97077e890fdc579053ff4 [20:50:40] Stored hash : d93971e3cbdfd37052acb50fe6483e59bbee1970 [20:50:40] Current inode: 1308269 Stored inode: 1308175 [20:50:40] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:40] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:40] /bin/chmod [ Warning ] [20:50:40] Warning: The file properties have changed: [20:50:40] File: /bin/chmod [20:50:40] Current hash: 404ed888720ad486aeb8b3ab13134653aa7572f9 [20:50:40] Stored hash : a98fd1ed221dd86582ff372b46f35d2df28d2354 [20:50:40] Current inode: 1308267 Stored inode: 1308296 [20:50:40] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:40] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:40] /bin/chown [ Warning ] [20:50:40] Warning: The file properties have changed: [20:50:40] File: /bin/chown [20:50:40] Current hash: 4436030bef55d2bd5865ac74d653c70c776687dd [20:50:40] Stored hash : 57c605a4e4c7d8f7a635019634558b3d1efb20af [20:50:40] Current inode: 1308191 Stored inode: 1308297 [20:50:40] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:40] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:40] /bin/cp [ Warning ] [20:50:40] Warning: The file properties have changed: [20:50:40] File: /bin/cp [20:50:40] Current hash: 33948286a59cc769899cbe62a978485665280f9e [20:50:40] Stored hash : cfd422eab0f7fe30acec5cc8f41e022517655c7e [20:50:40] Current inode: 1308331 Stored inode: 1308171 [20:50:40] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:40] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:41] /bin/date [ Warning ] [20:50:41] Warning: The file properties have changed: [20:50:41] File: /bin/date [20:50:41] Current hash: 374523d3669310e4e432127aaa79827a3498d0b6 [20:50:41] Stored hash : 31d40c0ea0dae2937087f999643db8163cda9f13 [20:50:41] Current inode: 1308265 Stored inode: 1308291 [20:50:41] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:41] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:41] /bin/df [ Warning ] [20:50:41] Warning: The file properties have changed: [20:50:41] File: /bin/df [20:50:41] Current hash: 416de382091d9d4dcb295d77f41844b4f07315ab [20:50:41] Stored hash : 300d01e32fef46a85e21097e2598a87b8499c4aa [20:50:41] Current inode: 1308337 Stored inode: 1308168 [20:50:41] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:41] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:41] /bin/dmesg [ OK ] [20:50:41] /bin/echo [ Warning ] [20:50:41] Warning: The file properties have changed: [20:50:42] File: /bin/echo [20:50:42] Current hash: 1432763d34623ab109dbebb75ac36152395ccb7b [20:50:42] Stored hash : 20837a684092aec0e0fd7a4d9fc2c3c449baf097 [20:50:42] Current inode: 1308332 Stored inode: 1308285 [20:50:42] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:42] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:42] /bin/ed [ OK ] [20:50:42] /bin/egrep [ OK ] [20:50:42] Info: Found file '/bin/egrep': it is whitelisted for the 'script replacement' check. [20:50:42] /bin/fgrep [ OK ] [20:50:42] Info: Found file '/bin/fgrep': it is whitelisted for the 'script replacement' check. [20:50:42] /bin/fuser [ OK ] [20:50:42] /bin/grep [ OK ] [20:50:43] /bin/ip [ OK ] [20:50:43] /bin/kill [ OK ] [20:50:43] /bin/less [ OK ] [20:50:43] /bin/login [ OK ] [20:50:43] /bin/ls [ Warning ] [20:50:43] Warning: The file properties have changed: [20:50:43] File: /bin/ls [20:50:43] Current hash: 1d66efa0724762e5c6646df92a0a1c443426fa25 [20:50:43] Stored hash : d87676dbb3a9bd9823c834ce1344e39cc0848e66 [20:50:43] Current inode: 1308253 Stored inode: 1308176 [20:50:43] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:43] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:43] /bin/lsmod [ OK ] [20:50:44] /bin/mktemp [ Warning ] [20:50:44] Warning: The file properties have changed: [20:50:44] File: /bin/mktemp [20:50:44] Current hash: d703de6a32ee4404eba873e5c4a81591c0c3ce50 [20:50:44] Stored hash : e6338d38412db083ff8141aa7bc1baa34c2e3344 [20:50:44] Current inode: 1308268 Stored inode: 1308295 [20:50:44] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:44] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:44] /bin/more [ OK ] [20:50:44] /bin/mount [ OK ] [20:50:44] /bin/mv [ Warning ] [20:50:44] Warning: The file properties have changed: [20:50:44] File: /bin/mv [20:50:44] Current hash: c6222bbd9495a05dba0db447451405d3f8afe407 [20:50:44] Stored hash : 03bfaf1124ee64cda71d9115f7683b06b9310858 [20:50:44] Current inode: 1308308 Stored inode: 1308284 [20:50:44] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:44] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:44] /bin/netstat [ OK ] [20:50:45] /bin/ping [ OK ] [20:50:45] /bin/ps [ OK ] [20:50:45] /bin/pwd [ Warning ] [20:50:45] Warning: The file properties have changed: [20:50:45] File: /bin/pwd [20:50:45] Current hash: 0e83feab4f6e80f4dcef7e228331aa4f3e173621 [20:50:45] Stored hash : bd44e5fedbcfbadcb94e19962ad6e7fa18bf8516 [20:50:45] Current inode: 1308264 Stored inode: 1308324 [20:50:45] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:45] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:45] /bin/readlink [ Warning ] [20:50:45] Warning: The file properties have changed: [20:50:45] File: /bin/readlink [20:50:45] Current hash: 7ac7ee7993b744c5886df4dfd65ab4f3a302bca3 [20:50:45] Stored hash : 435be3efa2843d86eec2a26390a7e7681fd18c05 [20:50:45] Current inode: 1308333 Stored inode: 1308286 [20:50:45] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:45] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:45] /bin/sed [ OK ] [20:50:46] /bin/sh [ OK ] [20:50:46] /bin/su [ OK ] [20:50:46] /bin/touch [ Warning ] [20:50:46] Warning: The file properties have changed: [20:50:46] File: /bin/touch [20:50:46] Current hash: ce56499e4fc509da11b5d083ee8d49d81571452a [20:50:46] Stored hash : 03c68d835bdefac17cd027d44d54791dc96a155b [20:50:46] Current inode: 1308223 Stored inode: 1308323 [20:50:46] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:46] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:46] /bin/uname [ Warning ] [20:50:46] Warning: The file properties have changed: [20:50:46] File: /bin/uname [20:50:46] Current hash: cc5d940371a5e9a64a584aeb4aca8f35a5e77362 [20:50:46] Stored hash : f3abe00fea9fe61d6fe673c4a60fb9b30ae5f3c8 [20:50:46] Current inode: 1308262 Stored inode: 1308170 [20:50:46] Current file modification time: 1449162952 (03-Dez-2015 18:15:52) [20:50:46] Stored file modification time : 1421207424 (14-Jan-2015 04:50:24) [20:50:47] /bin/which [ OK ] [20:50:47] Info: Found file '/bin/which': it is whitelisted for the 'script replacement' check. [20:50:47] /bin/kmod [ OK ] [20:50:47] /bin/dash [ OK ] [20:50:50] [20:50:50] Info: Starting test name 'rootkits' [20:50:50] Checking for rootkits... [20:50:50] [20:50:50] Info: Starting test name 'known_rkts' [20:50:50] Performing check of known rootkit files and directories [20:50:50] [20:50:50] Checking for 55808 Trojan - Variant A... [20:50:50] Checking for file '/tmp/.../r' [ Not found ] [20:50:50] Checking for file '/tmp/.../a' [ Not found ] [20:50:50] 55808 Trojan - Variant A [ Not found ] [20:50:50] [20:50:50] Checking for ADM Worm... [20:50:50] Checking for string 'w0rm' [ Not found ] [20:50:50] ADM Worm [ Not found ] [20:50:50] [20:50:50] Checking for AjaKit Rootkit... [20:50:50] Checking for file '/dev/tux/.addr' [ Not found ] [20:50:50] Checking for file '/dev/tux/.proc' [ Not found ] [20:50:50] Checking for file '/dev/tux/.file' [ Not found ] [20:50:50] Checking for file '/lib/.libgh-gh/cleaner' [ Not found ] [20:50:50] Checking for file '/lib/.libgh-gh/Patch/patch' [ Not found ] [20:50:50] Checking for file '/lib/.libgh-gh/sb0k' [ Not found ] [20:50:50] Checking for directory '/dev/tux' [ Not found ] [20:50:50] Checking for directory '/lib/.libgh-gh' [ Not found ] [20:50:50] AjaKit Rootkit [ Not found ] [20:50:50] [20:50:50] Checking for Adore Rootkit... [20:50:50] Checking for file '/usr/secure' [ Not found ] [20:50:50] Checking for file '/usr/doc/sys/qrt' [ Not found ] [20:50:50] Checking for file '/usr/doc/sys/run' [ Not found ] [20:50:50] Checking for file '/usr/doc/sys/crond' [ Not found ] [20:50:50] Checking for file '/usr/sbin/kfd' [ Not found ] [20:50:50] Checking for file '/usr/doc/kern/var' [ Not found ] [20:50:50] Checking for file '/usr/doc/kern/string.o' [ Not found ] [20:50:50] Checking for file '/usr/doc/kern/ava' [ Not found ] [20:50:50] Checking for file '/usr/doc/kern/adore.o' [ Not found ] [20:50:50] Checking for file '/var/log/ssh/old' [ Not found ] [20:50:51] Checking for directory '/lib/security/.config/ssh' [ Not found ] [20:50:51] Checking for directory '/usr/doc/kern' [ Not found ] [20:50:51] Checking for directory '/usr/doc/backup' [ Not found ] [20:50:51] Checking for directory '/usr/doc/backup/txt' [ Not found ] [20:50:51] Checking for directory '/lib/backup' [ Not found ] [20:50:51] Checking for directory '/lib/backup/txt' [ Not found ] [20:50:51] Checking for directory '/usr/doc/work' [ Not found ] [20:50:51] Checking for directory '/usr/doc/sys' [ Not found ] [20:50:51] Checking for directory '/var/log/ssh' [ Not found ] [20:50:51] Checking for directory '/usr/doc/.spool' [ Not found ] [20:50:51] Checking for directory '/usr/lib/kterm' [ Not found ] [20:50:51] Adore Rootkit [ Not found ] [20:50:51] [20:50:51] Checking for aPa Kit... [20:50:51] Checking for file '/usr/share/.aPa' [ Not found ] [20:50:51] aPa Kit [ Not found ] [20:50:51] [20:50:51] Checking for Apache Worm... [20:50:51] Checking for file '/bin/.log' [ Not found ] [20:50:51] Apache Worm [ Not found ] [20:50:51] [20:50:51] Checking for Ambient (ark) Rootkit... [20:50:51] Checking for file '/usr/lib/.ark?' [ Not found ] [20:50:51] Checking for file '/dev/ptyxx/.log' [ Not found ] [20:50:51] Checking for file '/dev/ptyxx/.file' [ Not found ] [20:50:51] Checking for file '/dev/ptyxx/.proc' [ Not found ] [20:50:51] Checking for file '/dev/ptyxx/.addr' [ Not found ] [20:50:51] Checking for directory '/dev/ptyxx' [ Not found ] [20:50:51] Ambient (ark) Rootkit [ Not found ] [20:50:51] [20:50:51] Checking for Balaur Rootkit... [20:50:51] Checking for file '/usr/lib/liblog.o' [ Not found ] [20:50:51] Checking for directory '/usr/lib/.kinetic' [ Not found ] [20:50:51] Checking for directory '/usr/lib/.egcs' [ Not found ] [20:50:51] Checking for directory '/usr/lib/.wormie' [ Not found ] [20:50:51] Balaur Rootkit [ Not found ] [20:50:52] [20:50:52] Checking for BeastKit Rootkit... [20:50:52] Checking for file '/usr/sbin/arobia' [ Not found ] [20:50:52] Checking for file '/usr/sbin/idrun' [ Not found ] [20:50:52] Checking for file '/usr/lib/elm/arobia/elm' [ Not found ] [20:50:52] Checking for file '/usr/lib/elm/arobia/elm/hk' [ Not found ] [20:50:52] Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ] [20:50:52] Checking for file '/usr/lib/elm/arobia/elm/sc' [ Not found ] [20:50:52] Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ] [20:50:52] Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ] [20:50:52] Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ] [20:50:52] Checking for directory '/lib/ldd.so/bktools' [ Not found ] [20:50:52] BeastKit Rootkit [ Not found ] [20:50:52] [20:50:52] Checking for beX2 Rootkit... [20:50:52] Checking for file '/usr/info/termcap.info-5.gz' [ Not found ] [20:50:52] Checking for file '/usr/bin/sshd2' [ Not found ] [20:50:52] Checking for directory '/usr/include/bex' [ Not found ] [20:50:52] beX2 Rootkit [ Not found ] [20:50:52] [20:50:52] Checking for BOBKit Rootkit... [20:50:52] Checking for file '/usr/sbin/ntpsx' [ Not found ] [20:50:52] Checking for file '/usr/sbin/.../bkit-ava' [ Not found ] [20:50:52] Checking for file '/usr/sbin/.../bkit-d' [ Not found ] [20:50:52] Checking for file '/usr/sbin/.../bkit-shd' [ Not found ] [20:50:52] Checking for file '/usr/sbin/.../bkit-f' [ Not found ] [20:50:52] Checking for file '/usr/include/.../proc.h' [ Not found ] [20:50:52] Checking for file '/usr/include/.../.bash_history' [ Not found ] [20:50:52] Checking for file '/usr/include/.../bkit-get' [ Not found ] [20:50:52] Checking for file '/usr/include/.../bkit-dl' [ Not found ] [20:50:52] Checking for file '/usr/include/.../bkit-screen' [ Not found ] [20:50:52] Checking for file '/usr/include/.../bkit-sleep' [ Not found ] [20:50:52] Checking for file '/usr/lib/.../bkit-adore.o' [ Not found ] [20:50:52] Checking for file '/usr/lib/.../ls' [ Not found ] [20:50:52] Checking for file '/usr/lib/.../netstat' [ Not found ] [20:50:52] Checking for file '/usr/lib/.../lsof' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../bkit-ssh/bkit-mots' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../uconf.inv' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../psr' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../find' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../pstree' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../slocate' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../du' [ Not found ] [20:50:53] Checking for file '/usr/lib/.../top' [ Not found ] [20:50:53] Checking for directory '/usr/sbin/...' [ Not found ] [20:50:53] Checking for directory '/usr/include/...' [ Not found ] [20:50:53] Checking for directory '/usr/include/.../.tmp' [ Not found ] [20:50:53] Checking for directory '/usr/lib/...' [ Not found ] [20:50:53] Checking for directory '/usr/lib/.../.ssh' [ Not found ] [20:50:53] Checking for directory '/usr/lib/.../bkit-ssh' [ Not found ] [20:50:53] Checking for directory '/usr/lib/.bkit-' [ Not found ] [20:50:53] Checking for directory '/tmp/.bkp' [ Not found ] [20:50:53] BOBKit Rootkit [ Not found ] [20:50:53] [20:50:53] Checking for cb Rootkit... [20:50:53] Checking for file '/dev/srd0' [ Not found ] [20:50:53] Checking for file '/lib/libproc.so.2.0.6' [ Not found ] [20:50:53] Checking for file '/dev/mounnt' [ Not found ] [20:50:53] Checking for file '/etc/rc.d/init.d/init' [ Not found ] [20:50:53] Checking for file '/usr/bin/.zeen/.. /cl' [ Not found ] [20:50:53] Checking for file '/usr/bin/.zeen/.. /.x.tgz' [ Not found ] [20:50:53] Checking for file '/usr/bin/.zeen/.. /statdx' [ Not found ] [20:50:53] Checking for file '/usr/bin/.zeen/.. /wted' [ Not found ] [20:50:53] Checking for file '/usr/bin/.zeen/.. /write' [ Not found ] [20:50:53] Checking for file '/usr/bin/.zeen/.. /scan' [ Not found ] [20:50:53] Checking for file '/usr/bin/.zeen/.. /sc' [ Not found ] [20:50:53] Checking for file '/usr/bin/.zeen/.. /sl2' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /wroot' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /wscan' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /wu' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /v' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /read' [ Not found ] [20:50:54] Checking for file '/usr/lib/sshrc' [ Not found ] [20:50:54] Checking for file '/usr/lib/ssh_host_key' [ Not found ] [20:50:54] Checking for file '/usr/lib/ssh_host_key.pub' [ Not found ] [20:50:54] Checking for file '/usr/lib/ssh_random_seed' [ Not found ] [20:50:54] Checking for file '/usr/lib/sshd_config' [ Not found ] [20:50:54] Checking for file '/usr/lib/shosts.equiv' [ Not found ] [20:50:54] Checking for file '/usr/lib/ssh_known_hosts' [ Not found ] [20:50:54] Checking for file '/u/zappa/.ssh/pid' [ Not found ] [20:50:54] Checking for file '/usr/bin/.system/.. /tcp.log' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /curatare/attrib' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /curatare/chattr' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /curatare/ps' [ Not found ] [20:50:54] Checking for file '/usr/bin/.zeen/.. /curatare/pstree' [ Not found ] [20:50:54] Checking for file '/usr/bin/.system/.. /.x/xC.o' [ Not found ] [20:50:54] Checking for directory '/usr/bin/.zeen' [ Not found ] [20:50:54] Checking for directory '/usr/bin/.zeen/.. /curatare' [ Not found ] [20:50:54] Checking for directory '/usr/bin/.zeen/.. /scan' [ Not found ] [20:50:54] Checking for directory '/usr/bin/.system/.. ' [ Not found ] [20:50:54] cb Rootkit [ Not found ] [20:50:54] [20:50:54] Checking for CiNIK Worm (Slapper.B variant)... [20:50:54] Checking for file '/tmp/.cinik' [ Not found ] [20:50:54] Checking for directory '/tmp/.font-unix/.cinik' [ Not found ] [20:50:54] CiNIK Worm (Slapper.B variant) [ Not found ] [20:50:54] [20:50:54] Checking for Danny-Boy's Abuse Kit... [20:50:54] Checking for file '/dev/mdev' [ Not found ] [20:50:54] Checking for file '/usr/lib/libX.a' [ Not found ] [20:50:54] Danny-Boy's Abuse Kit [ Not found ] [20:50:55] [20:50:55] Checking for Devil RootKit... [20:50:55] Checking for file '/var/lib/games/.src' [ Not found ] [20:50:55] Checking for file '/dev/dsx' [ Not found ] [20:50:55] Checking for file '/dev/caca' [ Not found ] [20:50:55] Checking for file '/dev/pro' [ Not found ] [20:50:55] Checking for file '/bin/bye' [ Not found ] [20:50:55] Checking for file '/bin/homedir' [ Not found ] [20:50:55] Checking for file '/usr/bin/xfss' [ Not found ] [20:50:55] Checking for file '/usr/sbin/tzava' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/holber' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/sense' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/clear' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/tzava' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/citeste' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/killrk' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/searchlog' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/gaoaza' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/cleaner' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/shk' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/stuff/srs' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/utile.tgz' [ Not found ] [20:50:55] Checking for file '/usr/doc/tar/.../.dracusor/webpage' [ Not found ] [20:50:56] Checking for file '/usr/doc/tar/.../.dracusor/getpsy' [ Not found ] [20:50:56] Checking for file '/usr/doc/tar/.../.dracusor/getbnc' [ Not found ] [20:50:56] Checking for file '/usr/doc/tar/.../.dracusor/getemech' [ Not found ] [20:50:56] Checking for file '/usr/doc/tar/.../.dracusor/localroot.sh' [ Not found ] [20:50:56] Checking for file '/usr/doc/tar/.../.dracusor/stuff/old/sense' [ Not found ] [20:50:56] Checking for directory '/usr/doc/tar/.../.dracusor' [ Not found ] [20:50:56] Devil RootKit [ Not found ] [20:50:56] [20:50:56] Checking for Dica-Kit Rootkit... [20:50:56] Checking for file '/lib/.sso' [ Not found ] [20:50:56] Checking for file '/lib/.so' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/clean' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/dxr' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/read' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/write' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/lf' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/xl' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/xdr' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/psg' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/secure' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/rdx' [ Not found ] [20:50:56] Checking for file '/var/run/...dica/va' [ Not found ] [20:50:57] Checking for file '/var/run/...dica/cl.sh' [ Not found ] [20:50:57] Checking for file '/var/run/...dica/last.log' [ Not found ] [20:50:57] Checking for file '/usr/bin/.etc' [ Not found ] [20:50:57] Checking for file '/etc/sshd_config' [ Not found ] [20:50:57] Checking for file '/etc/ssh_host_key' [ Not found ] [20:50:57] Checking for file '/etc/ssh_random_seed' [ Not found ] [20:50:57] Checking for directory '/var/run/...dica' [ Not found ] [20:50:57] Checking for directory '/var/run/...dica/mh' [ Not found ] [20:50:57] Checking for directory '/var/run/...dica/scan' [ Not found ] [20:50:57] Dica-Kit Rootkit [ Not found ] [20:50:57] [20:50:57] Checking for Dreams Rootkit... [20:50:57] Checking for file '/dev/ttyoa' [ Not found ] [20:50:57] Checking for file '/dev/ttyof' [ Not found ] [20:50:57] Checking for file '/dev/ttyop' [ Not found ] [20:50:57] Checking for file '/usr/bin/sense' [ Not found ] [20:50:57] Checking for file '/usr/bin/sl2' [ Not found ] [20:50:57] Checking for file '/usr/bin/logclear' [ Not found ] [20:50:57] Checking for file '/usr/bin/(swapd)' [ Not found ] [20:50:57] Checking for file '/usr/bin/initrd' [ Not found ] [20:50:57] Checking for file '/usr/bin/crontabs' [ Not found ] [20:50:57] Checking for file '/usr/bin/snfs' [ Not found ] [20:50:58] Checking for file '/usr/lib/libsss' [ Not found ] [20:50:58] Checking for file '/usr/lib/libsnf.log' [ Not found ] [20:50:58] Checking for file '/usr/lib/libshtift/top' [ Not found ] [20:50:58] Checking for file '/usr/lib/libshtift/ps' [ Not found ] [20:50:58] Checking for file '/usr/lib/libshtift/netstat' [ Not found ] [20:50:58] Checking for file '/usr/lib/libshtift/ls' [ Not found ] [20:50:58] Checking for file '/usr/lib/libshtift/ifconfig' [ Not found ] [20:50:58] Checking for file '/usr/include/linseed.h' [ Not found ] [20:50:58] Checking for file '/usr/include/linpid.h' [ Not found ] [20:50:58] Checking for file '/usr/include/linkey.h' [ Not found ] [20:50:58] Checking for file '/usr/include/linconf.h' [ Not found ] [20:50:58] Checking for file '/usr/include/iceseed.h' [ Not found ] [20:50:58] Checking for file '/usr/include/icepid.h' [ Not found ] [20:50:58] Checking for file '/usr/include/icekey.h' [ Not found ] [20:50:58] Checking for file '/usr/include/iceconf.h' [ Not found ] [20:50:58] Checking for directory '/dev/ida/.hpd' [ Not found ] [20:50:58] Checking for directory '/usr/lib/libshtift' [ Not found ] [20:50:58] Dreams Rootkit [ Not found ] [20:50:58] [20:50:58] Checking for Duarawkz Rootkit... [20:50:58] Checking for file '/usr/bin/duarawkz/loginpass' [ Not found ] [20:50:58] Checking for directory '/usr/bin/duarawkz' [ Not found ] [20:50:58] Duarawkz Rootkit [ Not found ] [20:50:58] [20:50:58] Checking for Enye LKM... [20:50:58] Checking for file '/etc/.enyelkmHIDE^IT.ko' [ Not found ] [20:50:58] Checking for file '/etc/.enyelkmOCULTAR.ko' [ Not found ] [20:50:58] Enye LKM [ Not found ] [20:50:58] [20:50:58] Checking for Flea Linux Rootkit... [20:50:58] Checking for file '/etc/ld.so.hash' [ Not found ] [20:50:58] Checking for file '/lib/security/.config/ssh/sshd_config' [ Not found ] [20:50:58] Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ] [20:50:58] Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ] [20:50:58] Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ] [20:50:59] Checking for file '/usr/bin/ssh2d' [ Not found ] [20:50:59] Checking for file '/usr/lib/ldlibns.so' [ Not found ] [20:50:59] Checking for file '/usr/lib/ldlibps.so' [ Not found ] [20:50:59] Checking for file '/usr/lib/ldlibpst.so' [ Not found ] [20:50:59] Checking for file '/usr/lib/ldlibdu.so' [ Not found ] [20:50:59] Checking for file '/usr/lib/ldlibct.so' [ Not found ] [20:50:59] Checking for directory '/lib/security/.config/ssh' [ Not found ] [20:50:59] Checking for directory '/dev/..0' [ Not found ] [20:50:59] Checking for directory '/dev/..0/backup' [ Not found ] [20:50:59] Flea Linux Rootkit [ Not found ] [20:50:59] [20:50:59] Checking for Fu Rootkit... [20:50:59] Checking for file '/sbin/xc' [ Not found ] [20:50:59] Checking for file '/usr/include/ivtype.h' [ Not found ] [20:50:59] Checking for file '/bin/.lib' [ Not found ] [20:50:59] Fu Rootkit [ Not found ] [20:50:59] [20:50:59] Checking for Fuck`it Rootkit... [20:50:59] Checking for file '/lib/libproc.so.2.0.7' [ Not found ] [20:50:59] Checking for file '/dev/proc/.bash_profile' [ Not found ] [20:50:59] Checking for file '/dev/proc/.bashrc' [ Not found ] [20:50:59] Checking for file '/dev/proc/.cshrc' [ Not found ] [20:50:59] Checking for file '/dev/proc/fuckit/hax0r' [ Not found ] [20:50:59] Checking for file '/dev/proc/fuckit/hax0rshell' [ Not found ] [20:50:59] Checking for file '/dev/proc/fuckit/config/lports' [ Not found ] [20:50:59] Checking for file '/dev/proc/fuckit/config/rports' [ Not found ] [20:50:59] Checking for file '/dev/proc/fuckit/config/rkconf' [ Not found ] [20:50:59] Checking for file '/dev/proc/fuckit/config/password' [ Not found ] [20:50:59] Checking for file '/dev/proc/fuckit/config/progs' [ Not found ] [20:50:59] Checking for file '/dev/proc/fuckit/system-bins/init' [ Not found ] [20:50:59] Checking for file '/usr/lib/libcps.a' [ Not found ] [20:50:59] Checking for file '/usr/lib/libtty.a' [ Not found ] [20:50:59] Checking for directory '/dev/proc' [ Not found ] [20:50:59] Checking for directory '/dev/proc/fuckit' [ Not found ] [20:50:59] Checking for directory '/dev/proc/fuckit/system-bins' [ Not found ] [20:51:00] Checking for directory '/dev/proc/toolz' [ Not found ] [20:51:00] Fuck`it Rootkit [ Not found ] [20:51:00] [20:51:00] Checking for GasKit Rootkit... [20:51:00] Checking for file '/dev/dev/gaskit/sshd/sshdd' [ Not found ] [20:51:00] Checking for directory '/dev/dev' [ Not found ] [20:51:00] Checking for directory '/dev/dev/gaskit' [ Not found ] [20:51:00] Checking for directory '/dev/dev/gaskit/sshd' [ Not found ] [20:51:00] GasKit Rootkit [ Not found ] [20:51:00] [20:51:00] Checking for Heroin LKM... [20:51:00] Checking for kernel symbol 'heroin' [ Not found ] [20:51:00] Heroin LKM [ Not found ] [20:51:00] [20:51:00] Checking for HjC Kit... [20:51:00] Checking for directory '/dev/.hijackerz' [ Not found ] [20:51:00] HjC Kit [ Not found ] [20:51:00] [20:51:00] Checking for ignoKit Rootkit... [20:51:00] Checking for file '/lib/defs/p' [ Not found ] [20:51:00] Checking for file '/lib/defs/q' [ Not found ] [20:51:00] Checking for file '/lib/defs/r' [ Not found ] [20:51:00] Checking for file '/lib/defs/s' [ Not found ] [20:51:00] Checking for file '/lib/defs/t' [ Not found ] [20:51:00] Checking for file '/usr/lib/defs/p' [ Not found ] [20:51:00] Checking for file '/usr/lib/defs/q' [ Not found ] [20:51:00] Checking for file '/usr/lib/defs/r' [ Not found ] [20:51:00] Checking for file '/usr/lib/defs/s' [ Not found ] [20:51:00] Checking for file '/usr/lib/defs/t' [ Not found ] [20:51:00] Checking for file '/usr/lib/.libigno/pkunsec' [ Not found ] [20:51:00] Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' [ Not found ] [20:51:00] Checking for directory '/usr/lib/.libigno' [ Not found ] [20:51:00] Checking for directory '/usr/lib/.libigno/.igno' [ Not found ] [20:51:00] ignoKit Rootkit [ Not found ] [20:51:01] [20:51:01] Checking for IntoXonia-NG Rootkit... [20:51:01] Checking for kernel symbol 'funces' [ Not found ] [20:51:01] Checking for kernel symbol 'ixinit' [ Not found ] [20:51:01] Checking for kernel symbol 'tricks' [ Not found ] [20:51:01] Checking for kernel symbol 'kernel_unlink' [ Not found ] [20:51:01] Checking for kernel symbol 'rootme' [ Not found ] [20:51:02] Checking for kernel symbol 'hide_module' [ Not found ] [20:51:02] Checking for kernel symbol 'find_sys_call_tbl' [ Not found ] [20:51:02] IntoXonia-NG Rootkit [ Not found ] [20:51:02] [20:51:02] Checking for Irix Rootkit... [20:51:02] Checking for directory '/dev/pts/01' [ Not found ] [20:51:02] Checking for directory '/dev/pts/01/backup' [ Not found ] [20:51:02] Checking for directory '/dev/pts/01/etc' [ Not found ] [20:51:02] Checking for directory '/dev/pts/01/tmp' [ Not found ] [20:51:02] Irix Rootkit [ Not found ] [20:51:02] [20:51:02] Checking for Jynx Rootkit... [20:51:02] Checking for file '/xochikit/bc' [ Not found ] [20:51:02] Checking for file '/xochikit/ld_poison.so' [ Not found ] [20:51:02] Checking for file '/omgxochi/bc' [ Not found ] [20:51:02] Checking for file '/omgxochi/ld_poison.so' [ Not found ] [20:51:02] Checking for directory '/xochikit' [ Not found ] [20:51:02] Checking for directory '/omgxochi' [ Not found ] [20:51:02] Jynx Rootkit [ Not found ] [20:51:03] [20:51:03] Checking for KBeast Rootkit... [20:51:03] Checking for file '/usr/_h4x_/ipsecs-kbeast-v1.ko' [ Not found ] [20:51:03] Checking for file '/usr/_h4x_/_h4x_bd' [ Not found ] [20:51:03] Checking for file '/usr/_h4x_/acctlog' [ Not found ] [20:51:03] Checking for directory '/usr/_h4x_' [ Not found ] [20:51:03] Checking for kernel symbol 'h4x_delete_module' [ Not found ] [20:51:03] Checking for kernel symbol 'h4x_getdents64' [ Not found ] [20:51:03] Checking for kernel symbol 'h4x_kill' [ Not found ] [20:51:04] Checking for kernel symbol 'h4x_open' [ Not found ] [20:51:04] Checking for kernel symbol 'h4x_read' [ Not found ] [20:51:04] Checking for kernel symbol 'h4x_rename' [ Not found ] [20:51:04] Checking for kernel symbol 'h4x_rmdir' [ Not found ] [20:51:04] Checking for kernel symbol 'h4x_tcp4_seq_show' [ Not found ] [20:51:04] Checking for kernel symbol 'h4x_write' [ Not found ] [20:51:04] KBeast Rootkit [ Not found ] [20:51:04] [20:51:04] Checking for Kitko Rootkit... [20:51:04] Checking for directory '/usr/src/redhat/SRPMS/...' [ Not found ] [20:51:04] Kitko Rootkit [ Not found ] [20:51:05] [20:51:05] Checking for Knark Rootkit... [20:51:05] Checking for file '/proc/knark/pids' [ Not found ] [20:51:05] Checking for directory '/proc/knark' [ Not found ] [20:51:05] Knark Rootkit [ Not found ] [20:51:05] |
| Themen zu Ubuntu Trusty - IP- Bannend - rkhunter Suspect files: 42 |
| angemeldet, code, detected, files, folge, found, installation, linux, netstat, not, opera, process, rootkit, rootkits, scanning, seite, seiten, shell, start, symbol, system, trojan, ubuntu, variant, version |
Baum-Darstellung