Dúvidas sobre rootkit

alesirj
(usa Debian)

Enviado em 14/02/2009 - 20:08h

Pessoal, boa noite.
Antes de mais nada, informo que procurei saber mais sobre o assunto no próprio fórum do Big Linux, postei o meu log que encontrei após executar o Rootkit hunter, mas não obtive resposta até agora e estou preocupado. Existem pelo menos 6 Warnings. Seria algum problema? Segue abaixo o log:

[19:28:13] Running Rootkit Hunter version 1.3.4 on MATRIX
[19:28:13]
[19:28:13] Info: Start date is Sáb Fev 14 19:28:13 BRST 2009
[19:28:13]
[19:28:13] Checking configuration file and command-line options...
[19:28:13] Info: Detected operating system is 'Linux'
[19:28:13] Info: Found O/S name: Big Linux 4
[19:28:13] Info: Command line is /usr/local/bin/rkhunter -c -sk
[19:28:13] Info: Environment shell is /bin/bash; rkhunter is using bash
[19:28:13] Info: Using configuration file '/usr/local/etc/rkhunter.conf'
[19:28:13] Info: Installation directory is '/usr/local'
[19:28:13] Info: Using language 'en'
[19:28:13] Info: Using '/var/lib/rkhunter/db' as the database directory
[19:28:13] Info: Using '/usr/local/lib/rkhunter/scripts' as the support script directory
[19:28:14] Info: Using '/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin /usr/X11R6/bin /bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec' as the command directories
[19:28:14] Info: Using '/' as the root directory by default
[19:28:14] Info: Using '/var/lib/rkhunter/tmp' as the temporary directory
[19:28:14] Info: No mail-on-warning address configured
[19:28:14] Info: X will be automatically detected
[19:28:14] Info: Using second color set
[19:28:14] Info: Found the 'diff' command: /usr/bin/diff
[19:28:14] Info: Found the 'file' command: /usr/bin/file
[19:28:14] Info: Found the 'find' command: /usr/bin/find
[19:28:14] Info: Found the 'ifconfig' command: /sbin/ifconfig
[19:28:14] Info: Found the 'ip' command: /sbin/ip
[19:28:14] Info: Found the 'ldd' command: /usr/bin/ldd
[19:28:14] Info: Found the 'lsattr' command: /usr/bin/lsattr
[19:28:14] Info: Found the 'lsmod' command: /sbin/lsmod
[19:28:14] Info: Found the 'lsof' command: /usr/bin/lsof
[19:28:14] Info: Found the 'mktemp' command: /bin/mktemp
[19:28:15] Info: Found the 'netstat' command: /bin/netstat
[19:28:15] Info: Found the 'perl' command: /usr/bin/perl
[19:28:15] Info: Found the 'ps' command: /bin/ps
[19:28:15] Info: Found the 'pwd' command: /bin/pwd
[19:28:15] Info: Found the 'readlink' command: /bin/readlink
[19:28:15] Info: Found the 'sort' command: /usr/bin/sort
[19:28:15] Info: Found the 'stat' command: /usr/bin/stat
[19:28:15] Info: Found the 'strings' command: /usr/bin/strings
[19:28:15] Info: Found the 'uniq' command: /usr/bin/uniq
[19:28:15] Info: System is not using prelinking
[19:28:15] Info: Using the '/usr/bin/sha1sum' command for the file hash checks
[19:28:15] Info: Stored hash values used hash function '/usr/bin/sha1sum'
[19:28:15] Info: Stored hash values did not use a package manager
[19:28:15] Info: The hash function field index is set to 1
[19:28:15] Info: No package manager specified: using hash function '/usr/bin/sha1sum'
[19:28:16] Info: Previous file attributes were stored
[19:28:16] Info: Enabled tests are: all
[19:28:16] Info: Disabled tests are: suspscan hidden_procs deleted_files packet_cap_apps
[19:28:16] Info: Found ksym file '/proc/kallsyms'
[19:28:16]
[19:28:16] Checking if the O/S has changed since last time...
[19:28:16] Info: Nothing seems to have changed
[19:28:16]
[19:28:16] Starting system checks...
[19:28:16]
[19:28:16] Checking system commands...
[19:28:16] Info: Starting test name 'system_commands'
[19:28:16]
[19:28:16] Performing 'strings' command checks
[19:28:16] Info: Starting test name 'strings'
[19:28:16] Scanning for string /usr/sbin/ntpsx [ OK ]
[19:28:17] Scanning for string /usr/lib/.../ls [ OK ]
[19:28:17] Scanning for string /usr/lib/.../netstat [ OK ]
[19:28:17] Scanning for string /usr/lib/.../lsof [ OK ]
[19:28:17] Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg [ OK ]
[19:28:17] Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk [ OK ]
[19:28:17] Scanning for string /usr/lib/.../bkit-ssh/bkit-pw [ OK ]
[19:28:17] Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs [ OK ]
[19:28:17] Scanning for string /usr/lib/.../uconf.inv [ OK ]
[19:28:18] Scanning for string /usr/lib/.../psr [ OK ]
[19:28:18] Scanning for string /usr/lib/.../find [ OK ]
[19:28:18] Scanning for string /usr/lib/.../pstree [ OK ]
[19:28:18] Scanning for string /usr/lib/.../slocate [ OK ]
[19:28:18] Scanning for string /usr/lib/.../du [ OK ]
[19:28:18] Scanning for string /usr/lib/.../top [ OK ]
[19:28:18] Scanning for string /usr/lib/... [ OK ]
[19:28:18] Scanning for string /usr/lib/.../bkit-ssh [ OK ]
[19:28:18] Scanning for string /usr/lib/.bkit- [ OK ]
[19:28:19] Scanning for string /tmp/.bkp [ OK ]
[19:28:19] Scanning for string /tmp/.cinik [ OK ]
[19:28:19] Scanning for string /tmp/.font-unix/.cinik [ OK ]
[19:28:19] Scanning for string /lib/.sso [ OK ]
[19:28:19] Scanning for string /lib/.so [ OK ]
[19:28:19] Scanning for string /var/run/...dica/clean [ OK ]
[19:28:19] Scanning for string /var/run/...dica/xl [ OK ]
[19:28:19] Scanning for string /var/run/...dica/xdr [ OK ]
[19:28:20] Scanning for string /var/run/...dica/psg [ OK ]
[19:28:20] Scanning for string /var/run/...dica/secure [ OK ]
[19:28:20] Scanning for string /var/run/...dica/rdx [ OK ]
[19:28:20] Scanning for string /var/run/...dica/va [ OK ]
[19:28:20] Scanning for string /var/run/...dica/cl.sh [ OK ]
[19:28:20] Scanning for string /usr/bin/.etc [ OK ]
[19:28:20] Scanning for string /usr/lib/.fx/sched_host.2 [ OK ]
[19:28:20] Scanning for string /usr/lib/.fx/random_d.2 [ OK ]
[19:28:20] Scanning for string /usr/lib/.fx/set_pid.2 [ OK ]
[19:28:21] Scanning for string /usr/lib/.fx/cons.saver [ OK ]
[19:28:21] Scanning for string /usr/lib/.fx/adore/adore/adore.ko [ OK ]
[19:28:21] Scanning for string /bin/sysback [ OK ]
[19:28:21] Scanning for string /usr/local/bin/sysback [ OK ]
[19:28:21] Scanning for string /usr/lib/.tbd [ OK ]
[19:28:21] Scanning for string /dev/.lib/lib/lib/t0rns [ OK ]
[19:28:21] Scanning for string /dev/.lib/lib/lib/du [ OK ]
[19:28:21] Scanning for string /dev/.lib/lib/lib/ls [ OK ]
[19:28:22] Scanning for string /dev/.lib/lib/lib/t0rnsb [ OK ]
[19:28:22] Scanning for string /dev/.lib/lib/lib/ps [ OK ]
[19:28:22] Scanning for string /dev/.lib/lib/lib/t0rnp [ OK ]
[19:28:22] Scanning for string /dev/.lib/lib/lib/find [ OK ]
[19:28:22] Scanning for string /dev/.lib/lib/lib/ifconfig [ OK ]
[19:28:22] Scanning for string /dev/.lib/lib/lib/pg [ OK ]
[19:28:22] Scanning for string /dev/.lib/lib/lib/ssh.tgz [ OK ]
[19:28:22] Scanning for string /dev/.lib/lib/lib/top [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/sz [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/login [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/in.fingerd [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/1i0n.sh [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/pstree [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/in.telnetd [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/mjy [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/sush [ OK ]
[19:28:23] Scanning for string /dev/.lib/lib/lib/tfn [ OK ]
[19:28:24] Scanning for string /dev/.lib/lib/lib/name [ OK ]
[19:28:24] Scanning for string /dev/.lib/lib/lib/getip.sh [ OK ]
[19:28:24] Scanning for string /usr/info/.torn/sh* [ OK ]
[19:28:24] Scanning for string /usr/src/.[*****]/.1addr [ OK ]
[19:28:24] Scanning for string /usr/src/.[*****]/.1file [ OK ]
[19:28:24] Scanning for string /usr/src/.[*****]/.1proc [ OK ]
[19:28:24] Scanning for string /usr/src/.[*****]/.1logz [ OK ]
[19:28:24] Scanning for string /usr/info/.t0rn [ OK ]
[19:28:24] Scanning for string /dev/.lib [ OK ]
[19:28:25] Scanning for string /dev/.lib/lib [ OK ]
[19:28:25] Scanning for string /dev/.lib/lib/lib [ OK ]
[19:28:25] Scanning for string /dev/.lib/lib/lib/dev [ OK ]
[19:28:25] Scanning for string /dev/.lib/lib/scan [ OK ]
[19:28:25] Scanning for string /usr/src/.[*****] [ OK ]
[19:28:25] Scanning for string /usr/man/man1/man1 [ OK ]
[19:28:25] Scanning for string /usr/man/man1/man1/lib [ OK ]
[19:28:25] Scanning for string /usr/man/man1/man1/lib/.lib [ OK ]
[19:28:26] Scanning for string /usr/man/man1/man1/lib/.lib/.backup [ OK ]
[19:28:26]
[19:28:26] Performing 'shared libraries' checks
[19:28:26] Info: Starting test name 'shared_libs'
[19:28:26] Checking for preloading variables [ None found ]
[19:28:26] Checking for preload file [ Not found ]
[19:28:26] Info: Starting test name 'shared_libs_path'
[19:28:26] Checking LD_LIBRARY_PATH variable [ Not found ]
[19:28:27]
[19:28:27] Performing file properties checks
[19:28:27] Info: Starting test name 'properties'
[19:28:27] Checking for prerequisites [ OK ]
[19:28:27] /bin/bash [ OK ]
[19:28:28] /bin/cat [ OK ]
[19:28:28] /bin/chmod [ OK ]
[19:28:28] /bin/chown [ OK ]
[19:28:29] /bin/cp [ OK ]
[19:28:29] /bin/date [ OK ]
[19:28:29] /bin/df [ OK ]
[19:28:30] /bin/dmesg [ OK ]
[19:28:30] /bin/echo [ OK ]
[19:28:30] /bin/ed [ OK ]
[19:28:31] /bin/egrep [ OK ]
[19:28:31] /bin/fgrep [ OK ]
[19:28:31] /bin/fuser [ OK ]
[19:28:32] /bin/grep [ OK ]
[19:28:32] /bin/ip [ OK ]
[19:28:33] /bin/kill [ OK ]
[19:28:33] /bin/login [ OK ]
[19:28:33] /bin/ls [ OK ]
[19:28:34] /bin/lsmod [ OK ]
[19:28:34] /bin/mktemp [ OK ]
[19:28:35] /bin/more [ OK ]
[19:28:35] /bin/mount [ OK ]
[19:28:35] /bin/mv [ OK ]
[19:28:36] /bin/netstat [ OK ]
[19:28:36] /bin/ps [ OK ]
[19:28:37] /bin/pwd [ OK ]
[19:28:37] /bin/readlink [ OK ]
[19:28:37] /bin/sed [ OK ]
[19:28:38] /bin/sh [ OK ]
[19:28:38] /bin/su [ OK ]
[19:28:39] /bin/touch [ OK ]
[19:28:39] /bin/uname [ OK ]
[19:28:40] /bin/which [ Warning ]
[19:28:40] Warning: The command '/bin/which' has been replaced by a script: /bin/which: POSIX shell script text executable
[19:28:40] /usr/bin/awk [ OK ]
[19:28:40] /usr/bin/basename [ OK ]
[19:28:41] /usr/bin/chattr [ OK ]
[19:28:41] /usr/bin/cut [ OK ]
[19:28:42] /usr/bin/diff [ OK ]
[19:28:42] /usr/bin/dirname [ OK ]
[19:28:42] /usr/bin/dpkg [ OK ]
[19:28:43] /usr/bin/dpkg-query [ OK ]
[19:28:43] /usr/bin/du [ OK ]
[19:28:43] /usr/bin/env [ OK ]
[19:28:44] /usr/bin/file [ OK ]
[19:28:44] /usr/bin/find [ OK ]
[19:28:44] /usr/bin/GET [ OK ]
[19:28:45] /usr/bin/groups [ Warning ]
[19:28:45] Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: POSIX shell script text executable
[19:28:45] /usr/bin/head [ OK ]
[19:28:46] /usr/bin/id [ OK ]
[19:28:46] /usr/bin/killall [ OK ]
[19:28:47] /usr/bin/last [ OK ]
[19:28:47] /usr/bin/lastlog [ OK ]
[19:28:47] /usr/bin/ldd [ Warning ]
[19:28:47] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable
[19:28:48] /usr/bin/less [ OK ]
[19:28:48] /usr/bin/locate [ OK ]
[19:28:49] /usr/bin/logger [ OK ]
[19:28:49] /usr/bin/lsattr [ OK ]
[19:28:49] /usr/bin/lsof [ OK ]
[19:28:50] /usr/bin/mail [ OK ]
[19:28:50] /usr/bin/md5sum [ OK ]
[19:28:50] /usr/bin/newgrp [ OK ]
[19:28:51] /usr/bin/passwd [ OK ]
[19:28:51] /usr/bin/perl [ OK ]
[19:28:52] /usr/bin/pstree [ OK ]
[19:28:52] /usr/bin/rpm [ OK ]
[19:28:52] /usr/bin/runcon [ OK ]
[19:28:53] /usr/bin/sha1sum [ OK ]
[19:28:53] /usr/bin/size [ OK ]
[19:28:53] /usr/bin/slocate [ OK ]
[19:28:54] /usr/bin/sort [ OK ]
[19:28:54] /usr/bin/stat [ OK ]
[19:28:54] /usr/bin/strings [ OK ]
[19:28:55] /usr/bin/sudo [ OK ]
[19:28:55] /usr/bin/tail [ OK ]
[19:28:56] /usr/bin/test [ OK ]
[19:28:56] /usr/bin/top [ OK ]
[19:28:56] /usr/bin/touch [ OK ]
[19:28:57] /usr/bin/tr [ OK ]
[19:28:57] /usr/bin/uniq [ OK ]
[19:28:57] /usr/bin/users [ OK ]
[19:28:58] /usr/bin/vmstat [ OK ]
[19:28:58] /usr/bin/w [ OK ]
[19:28:58] /usr/bin/watch [ OK ]
[19:28:59] /usr/bin/wc [ OK ]
[19:28:59] /usr/bin/wget [ OK ]
[19:28:59] /usr/bin/whatis [ OK ]
[19:29:00] /usr/bin/whereis [ OK ]
[19:29:00] /usr/bin/which [ OK ]
[19:29:00] /usr/bin/who [ OK ]
[19:29:01] /usr/bin/whoami [ OK ]
[19:29:01] /usr/bin/gawk [ OK ]
[19:29:01] /usr/bin/lwp-request [ Warning ]
[19:29:02] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: perl script text executable
[19:29:02] /usr/bin/w.procps [ OK ]
[19:29:02] /sbin/depmod [ OK ]
[19:29:03] /sbin/ifconfig [ OK ]
[19:29:03] /sbin/ifdown [ OK ]
[19:29:04] /sbin/ifup [ OK ]
[19:29:04] /sbin/init [ OK ]
[19:29:05] /sbin/insmod [ OK ]
[19:29:05] /sbin/ip [ OK ]
[19:29:05] /sbin/lsmod [ OK ]
[19:29:06] /sbin/modinfo [ OK ]
[19:29:06] /sbin/modprobe [ OK ]
[19:29:07] /sbin/rmmod [ OK ]
[19:29:07] /sbin/runlevel [ OK ]
[19:29:08] /sbin/sulogin [ OK ]
[19:29:08] /sbin/sysctl [ OK ]
[19:29:08] /sbin/syslogd [ OK ]
[19:29:09] /usr/sbin/adduser [ Warning ]
[19:29:09] Warning: The command '/usr/sbin/adduser' has been replaced by a script: /usr/sbin/adduser: perl script text executable
[19:29:10] /usr/sbin/chroot [ OK ]
[19:29:10] /usr/sbin/cron [ OK ]
[19:29:11] /usr/sbin/groupadd [ OK ]
[19:29:11] /usr/sbin/groupdel [ OK ]
[19:29:11] /usr/sbin/groupmod [ OK ]
[19:29:12] /usr/sbin/grpck [ OK ]
[19:29:13] /usr/sbin/nologin [ OK ]
[19:29:14] /usr/sbin/pwck [ OK ]
[19:29:15] /usr/sbin/tcpd [ OK ]
[19:29:15] /usr/sbin/useradd [ OK ]
[19:29:16] /usr/sbin/userdel [ OK ]
[19:29:16] /usr/sbin/usermod [ OK ]
[19:29:16] /usr/sbin/vipw [ OK ]
[19:29:17] /usr/local/bin/chkconfig [ Warning ]
[19:29:17] Warning: Write permission is set on file '/usr/local/bin/chkconfig' for all users.
[19:29:17] Warning: The command '/usr/local/bin/chkconfig' has been replaced by a script: /usr/local/bin/chkconfig: POSIX shell script text executable
[19:29:19] /usr/local/bin/rkhunter [ OK ]
[19:29:25]
[19:29:25] Checking for rootkits...
[19:29:25] Info: Starting test name 'rootkits'
[19:29:25]
[19:29:25] Performing check of known rootkit files and directories
[19:29:25] Info: Starting test name 'known_rkts'
[19:29:25]
[19:29:25] Checking for 55808 Trojan - Variant A...
[19:29:25] Checking for file '/tmp/.../r' [ Not found ]
[19:29:25] Checking for file '/tmp/.../a' [ Not found ]
[19:29:25] 55808 Trojan - Variant A [ Not found ]
[19:29:26]
[19:29:26] Checking for ADM Worm...
[19:29:26] Checking for string 'w0rm' [ Not found ]
[19:29:26] ADM Worm [ Not found ]
[19:29:26]
[19:29:26] Checking for AjaKit Rootkit...
[19:29:26] Checking for file '/dev/tux/.addr' [ Not found ]
[19:29:26] Checking for file '/dev/tux/.proc' [ Not found ]
[19:29:26] Checking for file '/dev/tux/.file' [ Not found ]
[19:29:26] Checking for file '/lib/.libgh-gh/cleaner' [ Not found ]
[19:29:27] Checking for file '/lib/.libgh-gh/Patch/patch' [ Not found ]
[19:29:27] Checking for file '/lib/.libgh-gh/sb0k' [ Not found ]
[19:29:27] Checking for directory '/dev/tux' [ Not found ]
[19:29:27] Checking for directory '/lib/.libgh-gh' [ Not found ]
[19:29:27] AjaKit Rootkit [ Not found ]
[19:29:27]
[19:29:27] Checking for aPa Kit...
[19:29:27] Checking for file '/usr/share/.aPa' [ Not found ]
[19:29:27] aPa Kit [ Not found ]
[19:29:27]
[19:29:27] Checking for Apache Worm...
[19:29:27] Checking for file '/bin/.log' [ Not found ]
[19:29:28] Apache Worm [ Not found ]
[19:29:28]
[19:29:28] Checking for Ambient (ark) Rootkit...
[19:29:28] Checking for file '/usr/lib/.ark?' [ Not found ]
[19:29:28] Checking for file '/dev/ptyxx/.log' [ Not found ]
[19:29:28] Checking for file '/dev/ptyxx/.file' [ Not found ]
[19:29:28] Checking for directory '/dev/ptyxx' [ Not found ]
[19:29:28] Ambient (ark) Rootkit [ Not found ]
[19:29:28]
[19:29:28] Checking for Balaur Rootkit...
[19:29:28] Checking for file '/usr/lib/liblog.o' [ Not found ]
[19:29:29] Checking for directory '/usr/lib/.kinetic' [ Not found ]
[19:29:29] Checking for directory '/usr/lib/.egcs' [ Not found ]
[19:29:29] Checking for directory '/usr/lib/.wormie' [ Not found ]
[19:29:29] Balaur Rootkit [ Not found ]
[19:29:29]
[19:29:29] Checking for BeastKit Rootkit...
[19:29:29] Checking for file '/usr/sbin/arobia' [ Not found ]
[19:29:29] Checking for file '/usr/sbin/idrun' [ Not found ]
[19:29:29] Checking for file '/usr/lib/elm/arobia/elm' [ Not found ]
[19:29:29] Checking for file '/usr/lib/elm/arobia/elm/hk' [ Not found ]
[19:29:30] Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ]
[19:29:30] Checking for file '/usr/lib/elm/arobia/elm/sc' [ Not found ]
[19:29:30] Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ]
[19:29:30] Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ]
[19:29:30] Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ]
[19:29:30] Checking for directory '/lib/ldd.so/bktools' [ Not found ]
[19:29:30] BeastKit Rootkit [ Not found ]
[19:29:30]
[19:29:30] Checking for beX2 Rootkit...
[19:29:30] Checking for directory '/usr/include/bex' [ Not found ]
[19:29:31] beX2 Rootkit [ Not found ]
[19:29:31]
[19:29:31] Checking for BOBKit Rootkit...
[19:29:31] Checking for file '/usr/sbin/ntpsx' [ Not found ]
[19:29:31] Checking for file '/usr/lib/.../ls' [ Not found ]
[19:29:31] Checking for file '/usr/lib/.../netstat' [ Not found ]
[19:29:31] Checking for file '/usr/lib/.../lsof' [ Not found ]
[19:29:31] Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ]
[19:29:31] Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ]
[19:29:31] Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ]
[19:29:32] Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ]
[19:29:32] Checking for file '/usr/lib/.../uconf.inv' [ Not found ]
[19:29:32] Checking for file '/usr/lib/.../psr' [ Not found ]
[19:29:32] Checking for file '/usr/lib/.../find' [ Not found ]
[19:29:32] Checking for file '/usr/lib/.../pstree' [ Not found ]
[19:29:32] Checking for file '/usr/lib/.../slocate' [ Not found ]
[19:29:32] Checking for file '/usr/lib/.../du' [ Not found ]
[19:29:32] Checking for file '/usr/lib/.../top' [ Not found ]
[19:29:33] Checking for directory '/usr/lib/...' [ Not found ]
[19:29:33] Checking for directory '/usr/lib/.../bkit-ssh' [ Not found ]
[19:29:33] Checking for directory '/usr/lib/.bkit-' [ Not found ]
[19:29:33] Checking for directory '/tmp/.bkp' [ Not found ]
[19:29:33] BOBKit Rootkit [ Not found ]
[19:29:33]
[19:29:33] Checking for CiNIK Worm (Slapper.B variant)...
[19:29:33] Checking for file '/tmp/.cinik' [ Not found ]
[19:29:33] Checking for directory '/tmp/.font-unix/.cinik' [ Not found ]
[19:29:34] CiNIK Worm (Slapper.B variant) [ Not found ]
[19:29:34]
[19:29:34] Checking for Danny-Boy's Abuse Kit...
[19:29:34] Checking for file '/dev/mdev' [ Not found ]
[19:29:34] Checking for file '/usr/lib/libX.a' [ Not found ]
[19:29:34] Danny-Boy's Abuse Kit [ Not found ]
[19:29:34]
[19:29:34] Checking for Devil RootKit...
[19:29:34] Checking for file '/var/lib/games/.src' [ Not found ]
[19:29:34] Checking for file '/dev/dsx' [ Not found ]
[19:29:34] Checking for file '/dev/caca' [ Not found ]
[19:29:35] Devil RootKit [ Not found ]
[19:29:35]
[19:29:35] Checking for Dica-Kit Rootkit...
[19:29:35] Checking for file '/lib/.sso' [ Not found ]
[19:29:35] Checking for file '/lib/.so' [ Not found ]
[19:29:35] Checking for file '/var/run/...dica/clean' [ Not found ]
[19:29:35] Checking for file '/var/run/...dica/xl' [ Not found ]
[19:29:35] Checking for file '/var/run/...dica/xdr' [ Not found ]
[19:29:35] Checking for file '/var/run/...dica/psg' [ Not found ]
[19:29:35] Checking for file '/var/run/...dica/secure' [ Not found ]
[19:29:36] Checking for file '/var/run/...dica/rdx' [ Not found ]
[19:29:36] Checking for file '/var/run/...dica/va' [ Not found ]
[19:29:36] Checking for file '/var/run/...dica/cl.sh' [ Not found ]
[19:29:36] Checking for file '/usr/bin/.etc' [ Not found ]
[19:29:36] Checking for directory '/var/run/...dica' [ Not found ]
[19:29:36] Checking for directory '/var/run/...dica/mh' [ Not found ]
[19:29:36] Checking for directory '/var/run/...dica/scan' [ Not found ]
[19:29:36] Dica-Kit Rootkit [ Not found ]
[19:29:37]
[19:29:37] Checking for Dreams Rootkit...
[19:29:37] Checking for file '/dev/ttyoa' [ Not found ]
[19:29:37] Checking for file '/dev/ttyof' [ Not found ]
[19:29:37] Checking for file '/dev/ttyop' [ Not found ]
[19:29:37] Checking for file '/usr/bin/sense' [ Not found ]
[19:29:37] Checking for file '/usr/bin/sl2' [ Not found ]
[19:29:37] Checking for file '/usr/bin/logclear' [ Not found ]
[19:29:37] Checking for file '/usr/bin/(swapd)' [ Not found ]
[19:29:37] Checking for file '/usr/bin/snfs' [ Not found ]
[19:29:38] Checking for file '/usr/lib/libsss' [ Not found ]
[19:29:38] Checking for directory '/dev/ida/.hpd' [ Not found ]
[19:29:38] Dreams Rootkit [ Not found ]
[19:29:38]
[19:29:38] Checking for Duarawkz Rootkit...
[19:29:38] Checking for file '/usr/bin/duarawkz/loginpass' [ Not found ]
[19:29:38] Checking for directory '/usr/bin/duarawkz' [ Not found ]
[19:29:38] Duarawkz Rootkit [ Not found ]
[19:29:38]
[19:29:38] Checking for Enye LKM...
[19:29:38] Checking for file '/etc/.enyelkmHIDE^IT.ko' [ Not found ]
[19:29:38] Enye LKM [ Not found ]
[19:29:39]
[19:29:39] Checking for Flea Linux Rootkit...
[19:29:39] Checking for file '/etc/ld.so.hash' [ Not found ]
[19:29:39] Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ]
[19:29:39] Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ]
[19:29:39] Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ]
[19:29:39] Checking for file '/usr/bin/ssh2d' [ Not found ]
[19:29:39] Checking for file '/usr/lib/ldlibns.so' [ Not found ]
[19:29:39] Checking for file '/usr/lib/ldlibpst.so' [ Not found ]
[19:29:40] Checking for file '/usr/lib/ldlibdu.so' [ Not found ]
[19:29:40] Checking for file '/usr/lib/ldlibct.so' [ Not found ]
[19:29:40] Checking for directory '/lib/security/.config/ssh' [ Not found ]
[19:29:40] Checking for directory '/dev/..0' [ Not found ]
[19:29:40] Checking for directory '/dev/..0/backup' [ Not found ]
[19:29:40] Flea Linux Rootkit [ Not found ]
[19:29:40]
[19:29:40] Checking for FreeBSD Rootkit...
[19:29:40] Checking for file '/usr/lib/.fx/sched_host.2' [ Not found ]
[19:29:40] Checking for file '/usr/lib/.fx/random_d.2' [ Not found ]
[19:29:41] Checking for file '/usr/lib/.fx/set_pid.2' [ Not found ]
[19:29:41] Checking for file '/usr/lib/.fx/cons.saver' [ Not found ]
[19:29:41] Checking for file '/usr/lib/.fx/adore/adore/adore.ko' [ Not found ]
[19:29:41] Checking for file '/bin/sysback' [ Not found ]
[19:29:41] Checking for file '/usr/local/bin/sysback' [ Not found ]
[19:29:41] Checking for directory '/usr/lib/.fx' [ Not found ]
[19:29:41] Checking for directory '/usr/lib/.fx/adore' [ Not found ]
[19:29:41] FreeBSD Rootkit [ Not found ]
[19:29:41]
[19:29:41] Checking for Fuck`it Rootkit...
[19:29:42] Checking for file '/dev/proc/fuckit/hax0r' [ Not found ]
[19:29:42] Checking for file '/dev/proc/fuckit/hax0rshell' [ Not found ]
[19:29:42] Checking for file '/dev/proc/fuckit/config/lports' [ Not found ]
[19:29:42] Checking for file '/dev/proc/fuckit/config/rports' [ Not found ]
[19:29:42] Checking for file '/dev/proc/fuckit/config/rkconf' [ Not found ]
[19:29:42] Checking for file '/dev/proc/fuckit/config/password' [ Not found ]
[19:29:42] Checking for file '/dev/proc/fuckit/config/progs' [ Not found ]
[19:29:42] Checking for file '/dev/proc/system-bins/init' [ Not found ]
[19:29:42] Fuck`it Rootkit [ Not found ]
[19:29:43]
[19:29:43] Checking for GasKit Rootkit...
[19:29:43] Checking for file '/dev/dev/gaskit/sshd/sshdd' [ Not found ]
[19:29:43] Checking for directory '/dev/dev' [ Not found ]
[19:29:43] Checking for directory '/dev/dev/gaskit' [ Not found ]
[19:29:43] Checking for directory '/dev/dev/gaskit/sshd' [ Not found ]
[19:29:43] GasKit Rootkit [ Not found ]
[19:29:43]
[19:29:43] Checking for Heroin LKM...
[19:29:43] Checking for kernel symbol 'heroin' [ Not found ]
[19:29:43] Heroin LKM [ Not found ]
[19:29:44]
[19:29:44] Checking for HjC Kit...
[19:29:44] Checking for directory '/dev/.hijackerz' [ Not found ]
[19:29:44] HjC Kit [ Not found ]
[19:29:44]
[19:29:44] Checking for ignoKit Rootkit...
[19:29:44] Checking for file '/lib/defs/p' [ Not found ]
[19:29:44] Checking for file '/lib/defs/q' [ Not found ]
[19:29:44] Checking for file '/lib/defs/r' [ Not found ]
[19:29:44] Checking for file '/lib/defs/s' [ Not found ]
[19:29:44] Checking for file '/lib/defs/t' [ Not found ]
[19:29:45] Checking for file '/usr/lib/defs/p' [ Not found ]
[19:29:45] Checking for file '/usr/lib/defs/q' [ Not found ]
[19:29:45] Checking for file '/usr/lib/defs/r' [ Not found ]
[19:29:45] Checking for file '/usr/lib/defs/s' [ Not found ]
[19:29:45] Checking for file '/usr/lib/defs/t' [ Not found ]
[19:29:45] Checking for file '/usr/lib/.libigno/pkunsec' [ Not found ]
[19:29:45] Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' [ Not found ]
[19:29:45] Checking for directory '/usr/lib/.libigno' [ Not found ]
[19:29:45] Checking for directory '/usr/lib/.libigno/.igno' [ Not found ]
[19:29:46] ignoKit Rootkit [ Not found ]
[19:29:46]
[19:29:46] Checking for ImperalsS-FBRK Rootkit...
[19:29:46] Checking for directory '/dev/fd/.88' [ Not found ]
[19:29:46] Checking for directory '/dev/fd/.99' [ Not found ]
[19:29:46] ImperalsS-FBRK Rootkit [ Not found ]
[19:29:46]
[19:29:46] Checking for IntoXonia-NG Rootkit...
[19:29:46] Checking for kernel symbol 'funces' [ Not found ]
[19:29:46] Checking for kernel symbol 'ixinit' [ Not found ]
[19:29:47] Checking for kernel symbol 'tricks' [ Not found ]
[19:29:47] Checking for kernel symbol 'kernel_unlink' [ Not found ]
[19:29:47] Checking for kernel symbol 'rootme' [ Not found ]
[19:29:47] Checking for kernel symbol 'hide_module' [ Not found ]
[19:29:47] Checking for kernel symbol 'find_sys_call_tbl' [ Not found ]
[19:29:48] IntoXonia-NG Rootkit [ Not found ]
[19:29:48]
[19:29:48] Checking for Irix Rootkit...
[19:29:48] Checking for directory '/dev/pts/01' [ Not found ]
[19:29:48] Checking for directory '/dev/pts/01/backup' [ Not found ]
[19:29:48] Checking for directory '/dev/pts/01/etc' [ Not found ]
[19:29:48] Checking for directory '/dev/pts/01/tmp' [ Not found ]
[19:29:48] Irix Rootkit [ Not found ]
[19:29:48]
[19:29:48] Checking for Kitko Rootkit...
[19:29:48] Checking for directory '/usr/src/redhat/SRPMS/...' [ Not found ]
[19:29:49] Kitko Rootkit [ Not found ]
[19:29:49]
[19:29:49] Checking for Knark Rootkit...
[19:29:49] Checking for file '/proc/knark/pids' [ Not found ]
[19:29:49] Checking for directory '/proc/knark' [ Not found ]
[19:29:49] Knark Rootkit [ Not found ]
[19:29:49]
[19:29:49] Checking for Li0n Worm...
[19:29:49] Checking for file '/bin/in.telnetd' [ Not found ]
[19:29:49] Checking for file '/bin/mjy' [ Not found ]
[19:29:49] Checking for file '/usr/man/man1/man1/lib/.lib/mjy' [ Not found ]
[19:29:50] Checking for file '/usr/man/man1/man1/lib/.lib/in.telnetd' [ Not found ]
[19:29:50] Checking for file '/usr/man/man1/man1/lib/.lib/.x' [ Not found ]
[19:29:50] Checking for file '/dev/.lib/lib/scan/1i0n.sh' [ Not found ]
[19:29:50] Checking for file '/dev/.lib/lib/scan/hack.sh' [ Not found ]
[19:29:50] Checking for file '/dev/.lib/lib/scan/bind' [ Not found ]
[19:29:50] Checking for file '/dev/.lib/lib/scan/randb' [ Not found ]
[19:29:50] Checking for file '/dev/.lib/lib/scan/scan.sh' [ Not found ]
[19:29:50] Checking for file '/dev/.lib/lib/scan/pscan' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/scan/star.sh' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/scan/bindx.sh' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/scan/bindname.log' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/1i0n.sh' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/lib/netstat' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/lib/dev/.1addr' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/lib/dev/.1logz' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/lib/dev/.1proc' [ Not found ]
[19:29:51] Checking for file '/dev/.lib/lib/lib/dev/.1file' [ Not found ]
[19:29:52] Li0n Worm [ Not found ]
[19:29:52]
[19:29:52] Checking for Lockit / LJK2 Rootkit...
[19:29:52] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_config' [ Not found ]
[19:29:52] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key' [ Not found ]
[19:29:52] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key.pub' [ Not found ]
[19:29:52] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_random_seed*' [ Not found ]
[19:29:52] Checking for file '/usr/lib/libmen.oo/.LJK2/sshd_config' [ Not found ]
[19:29:52] Checking for file '/usr/lib/libmen.oo/.LJK2/backdoor/RK1bd' [ Not found ]
[19:29:52] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/du' [ Not found ]
[19:29:53] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ifconfig' [ Not found ]
[19:29:53] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/inetd.conf' [ Not found ]
[19:29:53] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/locate' [ Not found ]
[19:29:53] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/login' [ Not found ]
[19:29:53] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ls' [ Not found ]
[19:29:53] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/netstat' [ Not found ]
[19:29:53] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ps' [ Not found ]
[19:29:53] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/pstree' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/rc.sysinit' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/syslogd' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/tcpd' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/top' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1sauber' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1wted' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1parser' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1sniff' [ Not found ]
[19:29:54] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1addr' [ Not found ]
[19:29:55] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1dir' [ Not found ]
[19:29:55] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1log' [ Not found ]
[19:29:55] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1proc' [ Not found ]
[19:29:55] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/RK1phidemod.c' [ Not found ]
[19:29:55] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/README.modules' [ Not found ]
[19:29:55] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1hidem.c' [ Not found ]
[19:29:55] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1phide' [ Not found ]
[19:29:55] Checking for file '/usr/lib/libmen.oo/.LJK2/sshconfig/RK1ssh' [ Not found ]
[19:29:56] Checking for directory '/usr/lib/libmen.oo/.LJK2' [ Not found ]
[19:29:56] Lockit / LJK2 Rootkit [ Not found ]
[19:29:56]
[19:29:56] Checking for Mood-NT Rootkit...
[19:29:56] Checking for file '/sbin/init__mood-nt-_-_cthulhu' [ Not found ]
[19:29:56] Checking for file '/_cthulhu/mood-nt.init' [ Not found ]
[19:29:56] Checking for file '/_cthulhu/mood-nt.conf' [ Not found ]
[19:29:56] Checking for file '/_cthulhu/mood-nt.sniff' [ Not found ]
[19:29:56] Checking for directory '/_cthulhu' [ Not found ]
[19:29:57] Mood-NT Rootkit [ Not found ]
[19:29:57]
[19:29:57] Checking for MRK Rootkit...
[19:29:57] Checking for file '/dev/ida/.inet/pid' [ Not found ]
[19:29:57] Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ]
[19:29:57] Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ]
[19:29:57] Checking for file '/dev/ida/.inet/tcp.log' [ Not found ]
[19:29:57] Checking for directory '/dev/ida/.inet' [ Not found ]
[19:29:57] Checking for directory '/var/spool/cron/.sh' [ Not found ]
[19:29:57] MRK Rootkit [ Not found ]
[19:29:58]
[19:29:58] Checking for Ni0 Rootkit...
[19:29:58] Checking for file '/var/lock/subsys/...datafile.../...net...' [ Not found ]
[19:29:58] Checking for file '/var/lock/subsys/...datafile.../...port...' [ Not found ]
[19:29:58] Checking for file '/var/lock/subsys/...datafile.../...ps...' [ Not found ]
[19:29:58] Checking for file '/var/lock/subsys/...datafile.../...file...' [ Not found ]
[19:29:58] Checking for directory '/tmp/waza' [ Not found ]
[19:29:58] Checking for directory '/var/lock/subsys/...datafile...' [ Not found ]
[19:29:58] Checking for directory '/usr/sbin/es' [ Not found ]
[19:29:58] Ni0 Rootkit [ Not found ]
[19:29:59]
[19:29:59] Checking for Ohhara Rootkit...
[19:29:59] Checking for file '/var/lock/subsys/...datafile.../...datafile.../in.smbd.log' [ Not found ]
[19:29:59] Checking for directory '/var/lock/subsys/...datafile...' [ Not found ]
[19:29:59] Checking for directory '/var/lock/subsys/...datafile.../...datafile...' [ Not found ]
[19:29:59] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../bin' [ Not found ]
[19:29:59] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/bin' [ Not found ]
[19:29:59] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/sbin' [ Not found ]
[19:29:59] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../lib/security' [ Not found ]
[19:29:59] Ohhara Rootkit [ Not found ]
[19:30:00]
[19:30:00] Checking for Optic Kit (Tux) Worm...
[19:30:00] Checking for directory '/dev/tux' [ Not found ]
[19:30:00] Checking for directory '/usr/bin/xchk' [ Not found ]
[19:30:00] Checking for directory '/usr/bin/xsf' [ Not found ]
[19:30:00] Checking for directory '/usr/bin/ssh2d' [ Not found ]
[19:30:00] Optic Kit (Tux) Worm [ Not found ]
[19:30:00]
[19:30:00] Checking for Oz Rootkit...
[19:30:00] Checking for file '/dev/.oz/.nap/rkit/terror' [ Not found ]
[19:30:00] Checking for directory '/dev/.oz' [ Not found ]
[19:30:01] Oz Rootkit [ Not found ]
[19:30:01]
[19:30:01] Checking for Phalanx Rootkit...
[19:30:01] Checking for file '/usr/share/.home.ph1/cb' [ Not found ]
[19:30:01] Checking for file '/etc/host.ph1' [ Not found ]
[19:30:01] Checking for file '/bin/host.ph1' [ Not found ]
[19:30:01] Checking for file '/usr/share/.home.ph1/phalanx' [ Not found ]
[19:30:01] Checking for directory '/usr/share/.home.ph1' [ Not found ]
[19:30:01] Phalanx Rootkit [ Not found ]
[19:30:01]
[19:30:01] Checking for Phalanx Rootkit (strings)...
[19:30:02] Checking for string 'phalanx' [ Not found ]
[19:30:02] Phalanx Rootkit (strings) [ Not found ]
[19:30:02]
[19:30:02] Checking for Phalanx2 Rootkit...
[19:30:02] Checking for file '/etc/khubd.p2/.p2rc' [ Not found ]
[19:30:02] Checking for file '/etc/khubd.p2/.phalanx2' [ Not found ]
[19:30:02] Checking for file '/etc/khubd.p2/.sniff' [ Not found ]
[19:30:02] Checking for file '/etc/khubd.p2/sshgrab.py' [ Not found ]
[19:30:02] Checking for file '/etc/lolzz.p2/.p2rc' [ Not found ]
[19:30:02] Checking for file '/etc/lolzz.p2/.phalanx2' [ Not found ]
[19:30:03] Checking for file '/etc/lolzz.p2/.sniff' [ Not found ]
[19:30:03] Checking for file '/etc/lolzz.p2/sshgrab.py' [ Not found ]
[19:30:03] Checking for directory '/etc/khubd.p2' [ Not found ]
[19:30:03] Checking for directory '/etc/lolzz.p2' [ Not found ]
[19:30:03] Phalanx2 Rootkit [ Not found ]
[19:30:03]
[19:30:03] Checking for Phalanx2 Rootkit (extended tests)...
[19:30:03] Checking for directory '/etc/khubd.p2' [ Not found ]
[19:30:03] Checking for directory '/etc/lolzz.p2' [ Not found ]
[19:30:04] Phalanx2 Rootkit (extended tests) [ Not found ]
[19:30:04]
[19:30:04] Checking for Portacelo Rootkit...
[19:30:04] Checking for file '/var/lib/.../.ak' [ Not found ]
[19:30:04] Checking for file '/var/lib/.../.hk' [ Not found ]
[19:30:04] Checking for file '/var/lib/.../.rs' [ Not found ]
[19:30:04] Checking for file '/var/lib/.../.p' [ Not found ]
[19:30:04] Checking for file '/var/lib/.../getty' [ Not found ]
[19:30:04] Checking for file '/var/lib/.../lkt.o' [ Not found ]
[19:30:04] Checking for file '/var/lib/.../show' [ Not found ]
[19:30:04] Checking for file '/var/lib/.../nlkt.o' [ Not found ]
[19:30:05] Checking for file '/var/lib/.../ssshrc' [ Not found ]
[19:30:05] Checking for file '/var/lib/.../sssh_equiv' [ Not found ]
[19:30:05] Checking for file '/var/lib/.../sssh_known_hosts' [ Not found ]
[19:30:05] Checking for file '/var/lib/.../sssh_pid' [ Not found ]
[19:30:05] Checking for file '~/.sssh/known_hosts' [ Not found ]
[19:30:05] Portacelo Rootkit [ Not found ]
[19:30:05]
[19:30:05] Checking for R3dstorm Toolkit...
[19:30:05] Checking for file '/var/log/tk02/see_all' [ Not found ]
[19:30:06] Checking for file '/bin/.../sshd/sbin/sshd1' [ Not found ]
[19:30:06] Checking for file '/bin/.../hate/sk' [ Not found ]
[19:30:06] Checking for file '/bin/.../see_all' [ Not found ]
[19:30:06] Checking for directory '/var/log/tk02' [ Not found ]
[19:30:06] Checking for directory '/var/log/tk02/old' [ Not found ]
[19:30:06] Checking for directory '/bin/...' [ Not found ]
[19:30:06] R3dstorm Toolkit [ Not found ]
[19:30:06]
[19:30:06] Checking for RH-Sharpe's Rootkit...
[19:30:07] Checking for file '/bin/lps' [ Not found ]
[19:30:07] Checking for file '/usr/bin/lpstree' [ Not found ]
[19:30:07] Checking for file '/usr/bin/ltop' [ Not found ]
[19:30:07] Checking for file '/usr/bin/lkillall' [ Not found ]
[19:30:07] Checking for file '/usr/bin/ldu' [ Not found ]
[19:30:07] Checking for file '/usr/bin/lnetstat' [ Not found ]
[19:30:07] Checking for file '/usr/bin/wp' [ Not found ]
[19:30:07] Checking for file '/usr/bin/shad' [ Not found ]
[19:30:08] Checking for file '/usr/bin/vadim' [ Not found ]
[19:30:08] Checking for file '/usr/bin/slice' [ Not found ]
[19:30:08] Checking for file '/usr/bin/cleaner' [ Not found ]
[19:30:08] Checking for file '/usr/include/rpcsvc/du' [ Not found ]
[19:30:08] RH-Sharpe's Rootkit [ Not found ]
[19:30:08]
[19:30:08] Checking for RSHA's Rootkit...
[19:30:08] Checking for file '/bin/kr4p' [ Not found ]
[19:30:08] Checking for file '/usr/bin/n3tstat' [ Not found ]
[19:30:08] Checking for file '/usr/bin/chsh2' [ Not found ]
[19:30:09] Checking for file '/usr/bin/slice2' [ Not found ]
[19:30:09] Checking for file '/usr/src/linux/arch/alpha/lib/.lib/.1proc' [ Not found ]
[19:30:09] Checking for file '/etc/rc.d/arch/alpha/lib/.lib/.1addr' [ Not found ]
[19:30:09] Checking for directory '/etc/rc.d/rsha' [ Not found ]
[19:30:09] Checking for directory '/etc/rc.d/arch/alpha/lib/.lib' [ Not found ]
[19:30:09] RSHA's Rootkit [ Not found ]
[19:30:09]
[19:30:09] Checking for Scalper Worm...
[19:30:09] Checking for file '/tmp/.a' [ Not found ]
[19:30:09] Checking for file '/tmp/.uua' [ Not found ]
[19:30:10] Scalper Worm [ Not found ]
[19:30:10]
[19:30:10] Checking for Sebek LKM...
[19:30:10] Checking for kernel symbol 'adore or sebek' [ Not found ]
[19:30:10] Sebek LKM [ Not found ]
[19:30:10]
[19:30:10] Checking for Shutdown Rootkit...
[19:30:11] Checking for file '/usr/man/man5/.. /.dir/scannah/asus' [ Not found ]
[19:30:11] Checking for file '/usr/man/man5/.. /.dir/see' [ Not found ]
[19:30:11] Checking for file '/usr/man/man5/.. /.dir/nscd' [ Not found ]
[19:30:11] Checking for file '/usr/man/man5/.. /.dir/alpd' [ Not found ]
[19:30:11] Checking for file '/etc/rc.d/rc.local ' [ Not found ]
[19:30:11] Checking for directory '/usr/man/man5/.. /.dir' [ Not found ]
[19:30:11] Checking for directory '/usr/man/man5/.. /.dir/scannah' [ Not found ]
[19:30:11] Checking for directory '/etc/rc.d/rc0.d/.. /.dir' [ Not found ]
[19:30:12] Shutdown Rootkit [ Not found ]
[19:30:12]
[19:30:12] Checking for SHV4 Rootkit...
[19:30:12] Checking for file '/etc/ld.so.hash' [ Not found ]
[19:30:12] Checking for file '/lib/libext-2.so.7' [ Not found ]
[19:30:12] Checking for file '/lib/lidps1.so' [ Not found ]
[19:30:12] Checking for file '/usr/sbin/xntps' [ Not found ]
[19:30:12] Checking for directory '/lib/security/.config' [ Not found ]
[19:30:12] Checking for directory '/lib/security/.config/ssh' [ Not found ]
[19:30:12] SHV4 Rootkit [ Not found ]
[19:30:13]
[19:30:13] Checking for SHV5 Rootkit...
[19:30:13] Checking for file '/etc/sh.conf' [ Not found ]
[19:30:13] Checking for file '/dev/srd0' [ Not found ]
[19:30:13] Checking for directory '/usr/lib/libsh' [ Not found ]
[19:30:13] SHV5 Rootkit [ Not found ]
[19:30:13]
[19:30:13] Checking for Sin Rootkit...
[19:30:13] Checking for file '/dev/.haos/haos1/.f/Denyed' [ Not found ]
[19:30:13] Checking for file '/dev/ttyoa' [ Not found ]
[19:30:14] Checking for file '/dev/ttyof' [ Not found ]
[19:30:14] Checking for file '/dev/ttyop' [ Not found ]
[19:30:14] Checking for file '/dev/ttyos' [ Not found ]
[19:30:14] Checking for file '/usr/lib/.lib' [ Not found ]
[19:30:14] Checking for file '/usr/lib/sn/.X' [ Not found ]
[19:30:14] Checking for file '/usr/lib/sn/.sys' [ Not found ]
[19:30:14] Checking for file '/usr/lib/ld/.X' [ Not found ]
[19:30:14] Checking for file '/usr/man/man1/...' [ Not found ]
[19:30:15] Checking for file '/usr/man/man1/.../.m' [ Not found ]
[19:30:15] Checking for file '/usr/man/man1/.../.w' [ Not found ]
[19:30:15] Checking for directory '/usr/lib/sn' [ Not found ]
[19:30:15] Checking for directory '/usr/lib/man1/...' [ Not found ]
[19:30:15] Checking for directory '/dev/.haos' [ Not found ]
[19:30:15] Sin Rootkit [ Not found ]
[19:30:15]
[19:30:15] Checking for Slapper Worm...
[19:30:15] Checking for file '/tmp/.bugtraq' [ Not found ]
[19:30:15] Checking for file '/tmp/.uubugtraq' [ Not found ]
[19:30:16] Checking for file '/tmp/.bugtraq.c' [ Not found ]
[19:30:16] Checking for file '/tmp/httpd' [ Not found ]
[19:30:16] Checking for file '/tmp/.unlock' [ Not found ]
[19:30:16] Checking for file '/tmp/update' [ Not found ]
[19:30:16] Checking for file '/tmp/.cinik' [ Not found ]
[19:30:16] Checking for file '/tmp/.b' [ Not found ]
[19:30:16] Slapper Worm [ Not found ]
[19:30:17]
[19:30:17] Checking for Sneakin Rootkit...
[19:30:17] Checking for directory '/tmp/.X11-unix/.../rk' [ Not found ]
[19:30:17] Sneakin Rootkit [ Not found ]
[19:30:17]
[19:30:17] Checking for Suckit Rootkit...
[19:30:17] Checking for file '/sbin/initsk12' [ Not found ]
[19:30:17] Checking for file '/sbin/initxrk' [ Not found ]
[19:30:17] Checking for file '/usr/bin/null' [ Not found ]
[19:30:17] Checking for file '/usr/share/locale/sk/.sk12/sk' [ Not found ]
[19:30:17] Checking for file '/etc/rc.d/rc0.d/S23kmdac' [ Not found ]
[19:30:18] Checking for file '/etc/rc.d/rc1.d/S23kmdac' [ Not found ]
[19:30:18] Checking for file '/etc/rc.d/rc2.d/S23kmdac' [ Not found ]
[19:30:18] Checking for file '/etc/rc.d/rc3.d/S23kmdac' [ Not found ]
[19:30:18] Checking for file '/etc/rc.d/rc4.d/S23kmdac' [ Not found ]
[19:30:18] Checking for file '/etc/rc.d/rc5.d/S23kmdac' [ Not found ]
[19:30:18] Checking for file '/etc/rc.d/rc6.d/S23kmdac' [ Not found ]
[19:30:18] Checking for directory '/dev/sdhu0/tehdrakg' [ Not found ]
[19:30:18] Checking for directory '/etc/.MG' [ Not found ]
[19:30:18] Checking for directory '/usr/share/locale/sk/.sk12' [ Not found ]
[19:30:19] Checking for directory '/usr/lib/perl5/site_perl/i386-linux/auto/TimeDate/.packlist' [ Not found ]
[19:30:19] Suckit Rootkit [ Not found ]
[19:30:19]
[19:30:19] Checking for SunOS Rootkit...
[19:30:19] Checking for file '/etc/ld.so.hash' [ Not found ]
[19:30:19] Checking for file '/lib/libext-2.so.7' [ Not found ]
[19:30:19] Checking for file '/usr/bin/ssh2d' [ Not found ]
[19:30:19] Checking for file '/bin/xlogin' [ Not found ]
[19:30:19] Checking for file '/usr/lib/crth.o' [ Not found ]
[19:30:19] Checking for file '/usr/lib/crtz.o' [ Not found ]
[19:30:20] Checking for file '/sbin/login' [ Not found ]
[19:30:20] Checking for file '/lib/security/.config/sn' [ Not found ]
[19:30:20] Checking for file '/lib/security/.config/lpsched' [ Not found ]
[19:30:20] Checking for file '/dev/kmod' [ Not found ]
[19:30:20] Checking for file '/dev/dos' [ Not found ]
[19:30:20] SunOS Rootkit [ Not found ]
[19:30:20]
[19:30:20] Checking for SunOS / NSDAP Rootkit...
[19:30:20] Checking for file '/usr/lib/vold/nsdap/.kit' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/defines' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/patcher' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/pg' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/cleaner' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/utime' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/crypt' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/findkit' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/sn2' [ Not found ]
[19:30:21] Checking for file '/usr/lib/vold/nsdap/sniffload' [ Not found ]
[19:30:22] Checking for file '/usr/lib/vold/nsdap/runsniff' [ Not found ]
[19:30:22] Checking for file '/usr/lib/lpset' [ Not found ]
[19:30:22] Checking for directory '/usr/lib/vold/nsdap' [ Not found ]
[19:30:22] SunOS / NSDAP Rootkit [ Not found ]
[19:30:22]
[19:30:22] Checking for Superkit Rootkit...
[19:30:22] Checking for file '/usr/man/.sman/sk' [ Not found ]
[19:30:22] Superkit Rootkit [ Not found ]
[19:30:22]
[19:30:22] Checking for TBD (Telnet BackDoor)...
[19:30:22] Checking for file '/usr/lib/.tbd' [ Not found ]
[19:30:23] TBD (Telnet BackDoor) [ Not found ]
[19:30:23]
[19:30:23] Checking for TeLeKiT Rootkit...
[19:30:23] Checking for file '/usr/man/man3/.../TeLeKiT/bin/sniff' [ Not found ]
[19:30:23] Checking for file '/usr/man/man3/.../TeLeKiT/bin/telnetd' [ Not found ]
[19:30:23] Checking for file '/usr/man/man3/.../TeLeKiT/bin/teleulo' [ Not found ]
[19:30:23] Checking for file '/usr/man/man3/.../cl' [ Not found ]
[19:30:23] Checking for file '/dev/ptyr' [ Not found ]
[19:30:23] Checking for file '/dev/ptyp' [ Not found ]
[19:30:23] Checking for file '/dev/ptyq' [ Not found ]
[19:30:24] Checking for file '/dev/hda06' [ Not found ]
[19:30:24] Checking for file '/usr/info/libc1.so' [ Not found ]
[19:30:24] Checking for directory '/usr/man/man3/...' [ Not found ]
[19:30:24] Checking for directory '/usr/man/man3/.../lsniff' [ Not found ]
[19:30:24] Checking for directory '/usr/man/man3/.../TeLeKiT' [ Not found ]
[19:30:24] TeLeKiT Rootkit [ Not found ]
[19:30:24]
[19:30:24] Checking for T0rn Rootkit...
[19:30:24] Checking for file '/dev/.lib/lib/lib/t0rns' [ Not found ]
[19:30:24] Checking for file '/dev/.lib/lib/lib/du' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/ls' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/t0rnsb' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/ps' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/t0rnp' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/find' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/ifconfig' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/pg' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/ssh.tgz' [ Not found ]
[19:30:25] Checking for file '/dev/.lib/lib/lib/top' [ Not found ]
[19:30:26] Checking for file '/dev/.lib/lib/lib/sz' [ Not found ]
[19:30:26] Checking for file '/dev/.lib/lib/lib/login' [ Not found ]
[19:30:26] Checking for file '/dev/.lib/lib/lib/in.fingerd' [ Not found ]
[19:30:26] Checking for file '/dev/.lib/lib/lib/1i0n.sh' [ Not found ]
[19:30:26] Checking for file '/dev/.lib/lib/lib/pstree' [ Not found ]
[19:30:26] Checking for file '/dev/.lib/lib/lib/in.telnetd' [ Not found ]
[19:30:26] Checking for file '/dev/.lib/lib/lib/mjy' [ Not found ]
[19:30:26] Checking for file '/dev/.lib/lib/lib/sush' [ Not found ]
[19:30:27] Checking for file '/dev/.lib/lib/lib/tfn' [ Not found ]
[19:30:27] Checking for file '/dev/.lib/lib/lib/name' [ Not found ]
[19:30:27] Checking for file '/dev/.lib/lib/lib/getip.sh' [ Not found ]
[19:30:27] Checking for file '/usr/info/.torn/sh*' [ Not found ]
[19:30:27] Checking for file '/usr/src/.[*****]/.1addr' [ Not found ]
[19:30:27] Checking for file '/usr/src/.[*****]/.1file' [ Not found ]
[19:30:27] Checking for file '/usr/src/.[*****]/.1proc' [ Not found ]
[19:30:27] Checking for file '/usr/src/.[*****]/.1logz' [ Not found ]
[19:30:27] Checking for file '/usr/info/.t0rn' [ Not found ]
[19:30:28] Checking for directory '/dev/.lib' [ Not found ]
[19:30:28] Checking for directory '/dev/.lib/lib' [ Not found ]
[19:30:28] Checking for directory '/dev/.lib/lib/lib' [ Not found ]
[19:30:28] Checking for directory '/dev/.lib/lib/lib/dev' [ Not found ]
[19:30:28] Checking for directory '/dev/.lib/lib/scan' [ Not found ]
[19:30:28] Checking for directory '/usr/src/.[*****]' [ Not found ]
[19:30:28] Checking for directory '/usr/man/man1/man1' [ Not found ]
[19:30:28] Checking for directory '/usr/man/man1/man1/lib' [ Not found ]
[19:30:29] Checking for directory '/usr/man/man1/man1/lib/.lib' [ Not found ]
[19:30:29] Checking for directory '/usr/man/man1/man1/lib/.lib/.backup' [ Not found ]
[19:30:29] T0rn Rootkit [ Not found ]
[19:30:29]
[19:30:29] Checking for Trojanit Kit...
[19:30:29] Checking for file '/bin/.ls' [ Not found ]
[19:30:29] Checking for file '/bin/.ps' [ Not found ]
[19:30:29] Checking for file '/bin/.netstat' [ Not found ]
[19:30:29] Checking for file '/usr/bin/.nop' [ Not found ]
[19:30:29] Checking for file '/usr/bin/.who' [ Not found ]
[19:30:30] Trojanit Kit [ Not found ]
[19:30:30]
[19:30:30] Checking for Tuxtendo Rootkit...
[19:30:30] Checking for file '/dev/tux/.addr' [ Not found ]
[19:30:30] Checking for file '/dev/tux/.cron' [ Not found ]
[19:30:30] Checking for file '/dev/tux/.file' [ Not found ]
[19:30:30] Checking for file '/dev/tux/.log' [ Not found ]
[19:30:30] Checking for file '/dev/tux/.proc' [ Not found ]
[19:30:30] Checking for file '/dev/tux/backup/crontab' [ Not found ]
[19:30:30] Checking for file '/dev/tux/backup/df' [ Not found ]
[19:30:31] Checking for file '/dev/tux/backup/dir' [ Not found ]
[19:30:31] Checking for file '/dev/tux/backup/find' [ Not found ]
[19:30:31] Checking for file '/dev/tux/backup/ifconfig' [ Not found ]
[19:30:31] Checking for file '/dev/tux/backup/locate' [ Not found ]
[19:30:31] Checking for file '/dev/tux/backup/netstat' [ Not found ]
[19:30:31] Checking for file '/dev/tux/backup/ps' [ Not found ]
[19:30:31] Checking for file '/dev/tux/backup/pstree' [ Not found ]
[19:30:31] Checking for file '/dev/tux/backup/syslogd' [ Not found ]
[19:30:32] Checking for file '/dev/tux/backup/tcpd' [ Not found ]
[19:30:32] Checking for file '/dev/tux/backup/top' [ Not found ]
[19:30:32] Checking for file '/dev/tux/backup/updatedb' [ Not found ]
[19:30:32] Checking for file '/dev/tux/backup/vdir' [ Not found ]
[19:30:32] Checking for directory '/dev/tux' [ Not found ]
[19:30:32] Checking for directory '/dev/tux/ssh2' [ Not found ]
[19:30:32] Checking for directory '/dev/tux/backup' [ Not found ]
[19:30:32] Tuxtendo Rootkit [ Not found ]
[19:30:33]
[19:30:33] Checking for URK Rootkit...
[19:30:33] Checking for file '/usr/man/man1/xxxxxxbin/find' [ Not found ]
[19:30:33] Checking for file '/usr/man/man1/xxxxxxbin/du' [ Not found ]
[19:30:33] Checking for file '/usr/man/man1/xxxxxxbin/ps' [ Not found ]
[19:30:33] Checking for file '/tmp/conf.inf' [ Not found ]
[19:30:33] Checking for directory '/usr/man/man1/xxxxxxbin' [ Not found ]
[19:30:33] URK Rootkit [ Not found ]
[19:30:33]
[19:30:33] Checking for Vampire Rootkit...
[19:30:34] Checking for kernel symbol 'new_getdents' [ Not found ]
[19:30:34] Checking for kernel symbol 'old_getdents' [ Not found ]
[19:30:34] Checking for kernel symbol 'should_hide_file_name' [ Not found ]
[19:30:34] Checking for kernel symbol 'should_hide_task_name' [ Not found ]
[19:30:34] Vampire Rootkit [ Not found ]
[19:30:34]
[19:30:34] Checking for VcKit Rootkit...
[19:30:35] Checking for directory '/usr/include/linux/modules/lib.so' [ Not found ]
[19:30:35] Checking for directory '/usr/include/linux/modules/lib.so/bin' [ Not found ]
[19:30:35] VcKit Rootkit [ Not found ]
[19:30:35]
[19:30:35] Checking for Volc Rootkit...
[19:30:35] Checking for directory '/var/spool/.recent' [ Not found ]
[19:30:35] Checking for directory '/var/spool/.recent/.files' [ Not found ]
[19:30:35] Checking for directory '/usr/lib/volc' [ Not found ]
[19:30:35] Checking for directory '/usr/lib/volc/backup' [ Not found ]
[19:30:35] Volc Rootkit [ Not found ]
[19:30:36]
[19:30:36] Checking for X-Org SunOS Rootkit...
[19:30:36] Checking for file '/usr/lib/libX.a/bin/tmpfl' [ Not found ]
[19:30:36] Checking for file '/usr/lib/libX.a/bin/rps' [ Not found ]
[19:30:36] Checking for file '/usr/bin/srload' [ Not found ]
[19:30:36] Checking for file '/usr/lib/libX.a/bin/sparcv7/rps' [ Not found ]
[19:30:36] Checking for file '/usr/sbin/modcheck' [ Not found ]
[19:30:36] Checking for directory '/usr/lib/libX.a' [ Not found ]
[19:30:36] Checking for directory '/usr/lib/libX.a/bin' [ Not found ]
[19:30:37] Checking for directory '/usr/lib/libX.a/bin/sparcv7' [ Not found ]
[19:30:37] Checking for directory '/usr/share/man...' [ Not found ]
[19:30:37] X-Org SunOS Root

pogo
(usa Fedora)

Enviado em 14/02/2009 - 23:09h

de acordo com o seu log, o programa está reclamando pq alguns comandos foram substituídos por scripts shell (eu só me lembro do aviso do which no seu log agora heheh)... se não foi você quem fez isso, é melhor dar uma olhada neles pois pode ser que seu servidor tenha sido comprometido e estes comandos substituídos para esconder alguma coisa.

[]'s

pogo

alesirj
(usa Debian)

Enviado em 15/02/2009 - 00:01h

vou dar uma olhada sim, mas uma pessoa lá do Fórum do BigLinux, a distro que estou usando, falou pra eu ficar tranquilo... Não sei se por um acaso seria algum script modificado mesmo pela distro Big, não seria isso?