Topic: Possible security problems on my server reported by watchdog  (Read 442330 times)

no_stress
I received 2 emails from the server saying that there might be security problems....
I'm pasting the contents here... they are very long, so I may use several posts. Can you tell me what this is about and how to fix it?

Please inspect this machine, because it may be infected. Scan log:
[01:00:07] Running Rootkit Hunter version 1.3.4 on ischiahotel
[01:00:07]
[01:00:07] Info: Start date is lun 30 apr 2012, 01.00.07, CEST
[01:00:07]
[01:00:07] Checking configuration file and command-line options...
[01:00:07] Info: Detected operating system is 'Linux'
[01:00:07] Info: Uname output is 'Linux ischiahotel.net 2.6.32-220.7.1.el6.x86_64 #1 SMP Wed Mar 7 00:52:02 GMT 2012 x86_64 x86_64 x86_64 GNU/Linux'
[01:00:07] Info: Command line is /usr/local/psa/admin/sbin/modules//watchdog/rkhunter -c --configfile /usr/local/psa/etc/modules/watchdog/rkhunter.conf --cronjob --propupd --createlogfile
[01:00:07] Info: Environment shell is /bin/sh; rkhunter is using bash
[01:00:07] Info: Using configuration file '/usr/local/psa/etc/modules/watchdog/rkhunter.conf'
[01:00:07] Info: Installation directory is '/usr/local/psa'
[01:00:07] Info: Using language 'en'
[01:00:07] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/db' as the database directory
[01:00:07] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/rkhunter/scripts' as the support script directory
[01:00:07] Info: Using '/usr/local/psa/admin/bin/modules/watchdog /usr/local/bin /usr/local/sbin /bin /sbin /usr/bin /usr/sbin /bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec' as the command directories
[01:00:07] Info: Using '/' as the root directory by default
[01:00:07] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/tmp' as the temporary directory
[01:00:07] Info: Emailing warnings to 'info@dirweb.it' using command '/usr/local/psa/admin/bin/modules/watchdog/send-mail'
[01:00:07] Info: X will be automatically detected
[01:00:07] Info: Found the 'diff' command: /usr/bin/diff
[01:00:07] Info: Found the 'file' command: /usr/bin/file
[01:00:07] Info: Found the 'find' command: /bin/find
[01:00:07] Info: Found the 'ifconfig' command: /sbin/ifconfig
[01:00:07] Info: Found the 'ip' command: /sbin/ip
[01:00:07] Info: Found the 'ldd' command: /usr/bin/ldd
[01:00:07] Info: Found the 'lsattr' command: /usr/bin/lsattr
[01:00:07] Info: Found the 'lsmod' command: /sbin/lsmod
[01:00:07] Info: Found the 'lsof' command: /usr/sbin/lsof
[01:00:07] Info: Found the 'mktemp' command: /bin/mktemp
[01:00:07] Info: Found the 'netstat' command: /bin/netstat
[01:00:07] Info: Found the 'perl' command: /usr/bin/perl
[01:00:07] Info: Found the 'ps' command: /bin/ps
[01:00:07] Info: Found the 'pwd' command: /bin/pwd
[01:00:07] Info: Found the 'readlink' command: /bin/readlink
[01:00:07] Info: Found the 'sort' command: /bin/sort
[01:00:07] Info: Found the 'stat' command: /usr/bin/stat
[01:00:07] Info: Found the 'strings' command: /usr/bin/strings
[01:00:07] Info: Found the 'uniq' command: /usr/bin/uniq
[01:00:07] Info: System is not using prelinking
[01:00:07] Info: Using the '/usr/bin/sha1sum' command for the file hash checks
[01:00:08] Info: The hash function field index is set to 1
[01:00:08] Info: Using package manager 'RPM' to update the file hash values
[01:00:08] Info: Found the 'rpm' command: /bin/rpm
[01:00:08] Info: Using package manager 'RPM' for file property checks
[01:00:08] Info: Found the 'rpm' command: /bin/rpm
[01:00:08] Info: Previous file attributes were stored
[01:00:08] Info: Current file attributes will be stored
[01:00:08] Info: Enabled tests are: all
[01:00:08] Info: Disabled tests are: suspscan hidden_procs deleted_files packet_cap_apps
[01:00:08] Info: Found ksym file '/proc/kallsyms'
[01:00:08]
[01:00:08] Info: Starting file properties data update...
[01:00:08] Info: Created temporary file '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/tmp/rkhunter.dat.QuhR8J0cyy'
[01:00:08] Collecting O/S info...
[01:00:08] Info: Found system architecture: x86_64
[01:00:08] Info: Found release file: /etc/centos-release
[01:00:08] Info: Found O/S name: CentOS release 6.2 (Final)
[01:00:08] Getting file properties...
[01:00:11] Info: Found 38 files in /bin
[01:00:15] Info: Found 51 files in /usr/bin
[01:00:16] Info: Found 18 files in /sbin
[01:00:17] Info: Found 14 files in /usr/sbin
[01:00:17] Info: Found 0 files in /usr/local/bin
[01:00:17] Info: Found 0 files in /usr/local/sbin
[01:00:17] Info: Found 0 files in /usr/libexec
[01:00:17] Info: Found 0 files in /usr/local/libexec
[01:00:17] Info: File created: searched for 150 files, found 121
[01:00:17] Info: New rkhunter.dat file installed in '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/db'
[01:00:17]
[01:00:17] Starting system checks...
[01:00:17]
[01:00:17] Checking system commands...
[01:00:17] Info: Starting test name 'system_commands'
[01:00:17]
[01:00:17] Performing 'strings' command checks
[01:00:17] Info: Starting test name 'strings'
[01:00:17] Scanning for string /usr/sbin/ntpsx               [ OK ]
[01:00:17] Scanning for string /usr/lib/.../ls               [ OK ]
[01:00:17] Scanning for string /usr/lib/.../netstat          [ OK ]
[01:00:17] Scanning for string /usr/lib/.../lsof             [ OK ]
[01:00:17] Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg [ OK ]
[01:00:17] Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk [ OK ]
[01:00:17] Scanning for string /usr/lib/.../bkit-ssh/bkit-pw [ OK ]
[01:00:17] Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs [ OK ]
[01:00:17] Scanning for string /usr/lib/.../uconf.inv        [ OK ]
[01:00:17] Scanning for string /usr/lib/.../psr              [ OK ]
[01:00:17] Scanning for string /usr/lib/.../find             [ OK ]
[01:00:17] Scanning for string /usr/lib/.../pstree           [ OK ]
[01:00:17] Scanning for string /usr/lib/.../slocate          [ OK ]
[01:00:17] Scanning for string /usr/lib/.../du               [ OK ]
[01:00:17] Scanning for string /usr/lib/.../top              [ OK ]
[01:00:17] Scanning for string /usr/lib/...                  [ OK ]
[01:00:17] Scanning for string /usr/lib/.../bkit-ssh         [ OK ]
[01:00:17] Scanning for string /usr/lib/.bkit-               [ OK ]
[01:00:17] Scanning for string /tmp/.bkp                     [ OK ]
[01:00:18] Scanning for string /tmp/.cinik                   [ OK ]
[01:00:18] Scanning for string /tmp/.font-unix/.cinik        [ OK ]
[01:00:18] Scanning for string /lib/.sso                     [ OK ]
[01:00:18] Scanning for string /lib/.so                      [ OK ]
[01:00:18] Scanning for string /var/run/...dica/clean        [ OK ]
[01:00:18] Scanning for string /var/run/...dica/xl           [ OK ]
[01:00:18] Scanning for string /var/run/...dica/xdr          [ OK ]
[01:00:18] Scanning for string /var/run/...dica/psg          [ OK ]
[01:00:18] Scanning for string /var/run/...dica/secure       [ OK ]
[01:00:18] Scanning for string /var/run/...dica/rdx          [ OK ]
[01:00:18] Scanning for string /var/run/...dica/va           [ OK ]
[01:00:18] Scanning for string /var/run/...dica/cl.sh        [ OK ]
[01:00:18] Scanning for string /usr/bin/.etc                 [ OK ]
[01:00:18] Scanning for string /usr/lib/.fx/sched_host.2     [ OK ]
[01:00:18] Scanning for string /usr/lib/.fx/random_d.2       [ OK ]
[01:00:18] Scanning for string /usr/lib/.fx/set_pid.2        [ OK ]
[01:00:18] Scanning for string /usr/lib/.fx/cons.saver       [ OK ]
[01:00:18] Scanning for string /usr/lib/.fx/adore/adore/adore.ko [ OK ]
[01:00:18] Scanning for string /bin/sysback                  [ OK ]
[01:00:18] Scanning for string /usr/local/bin/sysback        [ OK ]
[01:00:18] Scanning for string /usr/lib/.tbd                 [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/t0rns       [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/du          [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/ls          [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/t0rnsb      [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/ps          [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/t0rnp       [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/find        [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/ifconfig    [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/pg          [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/ssh.tgz     [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/top         [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/sz          [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/login       [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/in.fingerd  [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/1i0n.sh     [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/pstree      [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/in.telnetd  [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/mjy         [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/sush        [ OK ]
[01:00:18] Scanning for string /dev/.lib/lib/lib/tfn         [ OK ]
[01:00:19] Scanning for string /dev/.lib/lib/lib/name        [ OK ]
[01:00:19] Scanning for string /dev/.lib/lib/lib/getip.sh    [ OK ]
[01:00:19] Scanning for string /usr/info/.torn/sh*           [ OK ]
[01:00:19] Scanning for string /usr/src/.puta/.1addr         [ OK ]
[01:00:19] Scanning for string /usr/src/.puta/.1file         [ OK ]
[01:00:19] Scanning for string /usr/src/.puta/.1proc         [ OK ]
[01:00:19] Scanning for string /usr/src/.puta/.1logz         [ OK ]
[01:00:19] Scanning for string /usr/info/.t0rn               [ OK ]
[01:00:19] Scanning for string /dev/.lib                     [ OK ]
[01:00:19] Scanning for string /dev/.lib/lib                 [ OK ]
[01:00:19] Scanning for string /dev/.lib/lib/lib             [ OK ]
[01:00:19] Scanning for string /dev/.lib/lib/lib/dev         [ OK ]
[01:00:19] Scanning for string /dev/.lib/lib/scan            [ OK ]
[01:00:19] Scanning for string /usr/src/.puta                [ OK ]
[01:00:19] Scanning for string /usr/man/man1/man1            [ OK ]
[01:00:19] Scanning for string /usr/man/man1/man1/lib        [ OK ]
[01:00:19] Scanning for string /usr/man/man1/man1/lib/.lib   [ OK ]
[01:00:19] Scanning for string /usr/man/man1/man1/lib/.lib/.backup [ OK ]
[01:00:19]
[01:00:19] Performing 'shared libraries' checks
[01:00:19] Info: Starting test name 'shared_libs'
[01:00:19] Checking for preloading variables                 [ None found ]
[01:00:19] Checking for preload file                         [ Not found ]
[01:00:19] Info: Starting test name 'shared_libs_path'
[01:00:19] Checking LD_LIBRARY_PATH variable                 [ Not found ]
[01:00:19]
[01:00:19] Performing file properties checks
[01:00:19] Info: Starting test name 'properties'
[01:00:19] Warning: Checking for prerequisites               [ Warning ]
[01:00:19]          All file hash checks will be skipped because:
[01:00:19]              The current hash function (/usr/bin/sha1sum) or package manager (RPM) is incompatible with the hash function (Unset) or package manager (Unset) used to store the values.
[01:00:20] /bin/awk                                          [ OK ]
[01:00:21] /bin/basename                                     [ OK ]
[01:00:22] /bin/bash                                         [ OK ]
[01:00:22] /bin/cat                                          [ OK ]
[01:00:22] /bin/chmod                                        [ OK ]
[01:00:22] /bin/chown                                        [ OK ]
[01:00:22] /bin/cp                                           [ OK ]
[01:00:23] /bin/cut                                          [ OK ]
[01:00:23] /bin/date                                         [ OK ]
[01:00:23] /bin/df                                           [ OK ]
[01:00:24] /bin/dmesg                                        [ OK ]
[01:00:24] /bin/echo                                         [ OK ]
[01:00:24] /bin/egrep                                        [ OK ]
[01:00:24] Info: Found file '/bin/egrep': it is whitelisted for the 'script replacement' check.
[01:00:25] /bin/env                                          [ OK ]
[01:00:25] /bin/fgrep                                        [ OK ]
[01:00:25] Info: Found file '/bin/fgrep': it is whitelisted for the 'script replacement' check.
[01:00:25] /bin/find                                         [ OK ]
[01:00:25] /bin/grep                                         [ OK ]
[01:00:25] /bin/kill                                         [ OK ]
[01:00:25] /bin/login                                        [ OK ]
[01:00:26] /bin/ls                                           [ OK ]
[01:00:26] /bin/mail                                         [ OK ]
[01:00:26] /bin/mktemp                                       [ OK ]
[01:00:26] /bin/more                                         [ OK ]
[01:00:26] /bin/mount                                        [ OK ]
[01:00:26] /bin/mv                                           [ OK ]
[01:00:27] /bin/netstat                                      [ OK ]
[01:00:27] /bin/ps                                           [ OK ]
[01:00:27] /bin/pwd                                          [ OK ]
[01:00:27] /bin/readlink                                     [ OK ]
[01:00:28] /bin/rpm                                          [ OK ]
[01:00:28] /bin/sed                                          [ OK ]
[01:00:28] /bin/sh                                           [ OK ]
[01:00:28] /bin/sort                                         [ OK ]
[01:00:28] /bin/su                                           [ OK ]
[01:00:29] /bin/touch                                        [ OK ]
[01:00:29] /bin/uname                                        [ OK ]
[01:00:29] /bin/gawk                                         [ OK ]
[01:00:29] /bin/mailx                                        [ OK ]
[01:00:29] /usr/bin/awk                                      [ OK ]
[01:00:30] /usr/bin/chattr                                   [ OK ]
[01:00:30] /usr/bin/curl                                     [ OK ]
[01:00:30] /usr/bin/cut                                      [ OK ]
[01:00:30] /usr/bin/diff                                     [ OK ]
[01:00:30] /usr/bin/dirname                                  [ OK ]
[01:00:30] /usr/bin/du                                       [ OK ]
[01:00:31] /usr/bin/env                                      [ OK ]
[01:00:31] /usr/bin/file                                     [ OK ]
[01:00:31] /usr/bin/find                                     [ OK ]
[01:00:31] /usr/bin/GET                                      [ Warning ]
[01:00:31] Warning: The command '/usr/bin/GET' has been replaced by a script: /usr/bin/GET: a /usr/bin/perl -w script text executable
[01:00:31] /usr/bin/groups                                   [ OK ]
[01:00:31] Info: Found file '/usr/bin/groups': it is whitelisted for the 'script replacement' check.

no_stress
Re: Possible security problems on my server reported by watchdog
« Reply #1 on: 30 April 2012, 01:37:28 »
[01:00:32] /usr/bin/head                                     [ OK ]
[01:00:32] /usr/bin/id                                       [ OK ]
[01:00:32] /usr/bin/kill                                     [ OK ]
[01:00:32] /usr/bin/killall                                  [ OK ]
[01:00:32] /usr/bin/last                                     [ OK ]
[01:00:34] /usr/bin/lastlog                                  [ OK ]
[01:00:35] /usr/bin/ldd                                      [ OK ]
[01:00:35] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
[01:00:35] /usr/bin/less                                     [ OK ]
[01:00:35] /usr/bin/logger                                   [ OK ]
[01:00:35] /usr/bin/lsattr                                   [ OK ]
[01:00:36] /usr/bin/lynx                                     [ OK ]
[01:00:36] /usr/bin/md5sum                                   [ OK ]
[01:00:36] /usr/bin/newgrp                                   [ OK ]
[01:00:36] /usr/bin/passwd                                   [ OK ]
[01:00:36] Info: Found file '/usr/bin/passwd': it is whitelisted for the 'file immutable-bit' check.
[01:00:39] /usr/bin/perl                                     [ OK ]
[01:00:39] /usr/bin/pstree                                   [ OK ]
[01:00:39] /usr/bin/readlink                                 [ OK ]
[01:00:40] /usr/bin/runcon                                   [ OK ]
[01:00:40] /usr/bin/sha1sum                                  [ OK ]
[01:00:40] /usr/bin/size                                     [ OK ]
[01:00:40] /usr/bin/stat                                     [ OK ]
[01:00:41] /usr/bin/strings                                  [ OK ]
[01:00:41] /usr/bin/sudo                                     [ OK ]
[01:00:41] /usr/bin/tail                                     [ OK ]
[01:00:41] /usr/bin/test                                     [ OK ]
[01:00:41] /usr/bin/top                                      [ OK ]
[01:00:41] /usr/bin/tr                                       [ OK ]
[01:00:41] /usr/bin/uniq                                     [ OK ]
[01:00:42] /usr/bin/users                                    [ OK ]
[01:00:42] /usr/bin/vmstat                                   [ OK ]
[01:00:42] /usr/bin/w                                        [ OK ]
[01:00:42] /usr/bin/watch                                    [ OK ]
[01:00:42] /usr/bin/wc                                       [ OK ]
[01:00:42] /usr/bin/wget                                     [ OK ]
[01:00:43] /usr/bin/whereis                                  [ OK ]
[01:00:43] /usr/bin/which                                    [ OK ]
[01:00:43] /usr/bin/who                                      [ OK ]
[01:00:43] /usr/bin/whoami                                   [ OK ]
[01:00:43] /usr/bin/gawk                                     [ OK ]
[01:00:44] /sbin/chkconfig                                   [ OK ]
[01:00:44] /sbin/depmod                                      [ OK ]
[01:00:44] /sbin/fuser                                       [ OK ]
[01:00:44] /sbin/ifconfig                                    [ OK ]
[01:00:45] /sbin/ifdown                                      [ Warning ]
[01:00:45] Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
[01:00:45] /sbin/ifup                                        [ Warning ]
[01:00:45] Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable
[01:00:46] /sbin/init                                        [ OK ]
[01:00:46] Info: Found file '/sbin/init': it is whitelisted for the 'file immutable-bit' check.
[01:00:46] /sbin/insmod                                      [ OK ]
[01:00:46] /sbin/ip                                          [ OK ]
[01:00:46] /sbin/lsmod                                       [ OK ]
[01:00:46] /sbin/modinfo                                     [ OK ]
[01:00:47] /sbin/modprobe                                    [ OK ]
[01:00:47] /sbin/nologin                                     [ OK ]
[01:00:47] /sbin/rmmod                                       [ OK ]
[01:00:47] /sbin/rsyslogd                                    [ OK ]
[01:00:47] /sbin/runlevel                                    [ OK ]
[01:00:48] /sbin/sulogin                                     [ OK ]
[01:00:48] /sbin/sysctl                                      [ OK ]
[01:00:48] /usr/sbin/adduser                                 [ OK ]
[01:00:48] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
[01:00:48] /usr/sbin/chroot                                  [ OK ]
[01:00:48] /usr/sbin/groupadd                                [ OK ]
[01:00:48] /usr/sbin/groupdel                                [ OK ]
[01:00:48] /usr/sbin/groupmod                                [ OK ]
[01:00:49] /usr/sbin/grpck                                   [ OK ]
[01:00:49] /usr/sbin/lsof                                    [ OK ]
[01:00:49] /usr/sbin/pwck                                    [ OK ]
[01:00:50] /usr/sbin/sestatus                                [ OK ]
[01:00:50] /usr/sbin/useradd                                 [ OK ]
[01:00:50] /usr/sbin/userdel                                 [ OK ]
[01:00:50] /usr/sbin/usermod                                 [ OK ]
[01:00:51] /usr/sbin/vipw                                    [ OK ]
[01:00:51] /usr/sbin/xinetd                                  [ OK ]
[01:00:53]
[01:00:53] Checking for rootkits...
[01:00:53] Info: Starting test name 'rootkits'
[01:00:53]
[01:00:53] Performing check of known rootkit files and directories
[01:00:53] Info: Starting test name 'known_rkts'
[01:00:53]
[01:00:53] Checking for 55808 Trojan - Variant A...
[01:00:53]   Checking for file '/tmp/.../r'                  [ Not found ]
[01:00:53]   Checking for file '/tmp/.../a'                  [ Not found ]
[01:00:53] 55808 Trojan - Variant A                          [ Not found ]
[01:00:53]
[01:00:53] Checking for ADM Worm...
[01:00:53]   Checking for string 'w0rm'                      [ Not found ]
[01:00:53] ADM Worm                                          [ Not found ]
[01:00:53]
[01:00:53] Checking for AjaKit Rootkit...
[01:00:53]   Checking for file '/dev/tux/.addr'              [ Not found ]
[01:00:53]   Checking for file '/dev/tux/.proc'              [ Not found ]
[01:00:54]   Checking for file '/dev/tux/.file'              [ Not found ]
[01:00:54]   Checking for file '/lib/.libgh-gh/cleaner'      [ Not found ]
[01:00:54]   Checking for file '/lib/.libgh-gh/Patch/patch'  [ Not found ]
[01:00:54]   Checking for file '/lib/.libgh-gh/sb0k'         [ Not found ]
[01:00:54]   Checking for directory '/dev/tux'               [ Not found ]
[01:00:54]   Checking for directory '/lib/.libgh-gh'         [ Not found ]
[01:00:54] AjaKit Rootkit                                    [ Not found ]
[01:00:54]
[01:00:54] Checking for aPa Kit...
[01:00:54]   Checking for file '/usr/share/.aPa'             [ Not found ]
[01:00:54] aPa Kit                                           [ Not found ]
[01:00:54]
[01:00:54] Checking for Apache Worm...
[01:00:54]   Checking for file '/bin/.log'                   [ Not found ]
[01:00:54] Apache Worm                                       [ Not found ]
[01:00:54]
[01:00:54] Checking for Ambient (ark) Rootkit...
[01:00:54]   Checking for file '/usr/lib/.ark?'              [ Not found ]
[01:00:54]   Checking for file '/dev/ptyxx/.log'             [ Not found ]
[01:00:54]   Checking for file '/dev/ptyxx/.file'            [ Not found ]
[01:00:54]   Checking for directory '/dev/ptyxx'             [ Not found ]
[01:00:54] Ambient (ark) Rootkit                             [ Not found ]
[01:00:54]
[01:00:54] Checking for Balaur Rootkit...
[01:00:54]   Checking for file '/usr/lib/liblog.o'           [ Not found ]
[01:00:54]   Checking for directory '/usr/lib/.kinetic'      [ Not found ]
[01:00:54]   Checking for directory '/usr/lib/.egcs'         [ Not found ]
[01:00:54]   Checking for directory '/usr/lib/.wormie'       [ Not found ]
[01:00:54] Balaur Rootkit                                    [ Not found ]
[01:00:54]
[01:00:54] Checking for BeastKit Rootkit...
[01:00:54]   Checking for file '/usr/sbin/arobia'            [ Not found ]
[01:00:54]   Checking for file '/usr/sbin/idrun'             [ Not found ]
[01:00:54]   Checking for file '/usr/lib/elm/arobia/elm'     [ Not found ]
[01:00:54]   Checking for file '/usr/lib/elm/arobia/elm/hk'  [ Not found ]
[01:00:54]   Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ]
[01:00:54]   Checking for file '/usr/lib/elm/arobia/elm/sc'  [ Not found ]
[01:00:54]   Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ]
[01:00:54]   Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ]
[01:00:54]   Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ]
[01:00:54]   Checking for directory '/lib/ldd.so/bktools'    [ Not found ]

no_stress
Re: Possible security problems on my server reported by watchdog
« Reply #2 on: 30 April 2012, 01:37:42 »
[01:00:54] BeastKit Rootkit                                  [ Not found ]
[01:00:54]
[01:00:54] Checking for beX2 Rootkit...
[01:00:54]   Checking for directory '/usr/include/bex'       [ Not found ]
[01:00:54] beX2 Rootkit                                      [ Not found ]
[01:00:54]
[01:00:54] Checking for BOBKit Rootkit...
[01:00:54]   Checking for file '/usr/sbin/ntpsx'             [ Not found ]
[01:00:54]   Checking for file '/usr/lib/.../ls'             [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../netstat'        [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../lsof'           [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../uconf.inv'      [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../psr'            [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../find'           [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../pstree'         [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../slocate'        [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../du'             [ Not found ]
[01:00:55]   Checking for file '/usr/lib/.../top'            [ Not found ]
[01:00:55]   Checking for directory '/usr/lib/...'           [ Not found ]
[01:00:55]   Checking for directory '/usr/lib/.../bkit-ssh'  [ Not found ]
[01:00:55]   Checking for directory '/usr/lib/.bkit-'        [ Not found ]
[01:00:55]   Checking for directory '/tmp/.bkp'              [ Not found ]
[01:00:55] BOBKit Rootkit                                    [ Not found ]
[01:00:55]
[01:00:55] Checking for CiNIK Worm (Slapper.B variant)...
[01:00:55]   Checking for file '/tmp/.cinik'                 [ Not found ]
[01:00:55]   Checking for directory '/tmp/.font-unix/.cinik' [ Not found ]
[01:00:55] CiNIK Worm (Slapper.B variant)                    [ Not found ]
[01:00:55]
[01:00:55] Checking for Danny-Boy's Abuse Kit...
[01:00:55]   Checking for file '/dev/mdev'                   [ Not found ]
[01:00:55]   Checking for file '/usr/lib/libX.a'             [ Not found ]
[01:00:55] Danny-Boy's Abuse Kit                             [ Not found ]
[01:00:55]
[01:00:55] Checking for Devil RootKit...
[01:00:55]   Checking for file '/var/lib/games/.src'         [ Not found ]
[01:00:55]   Checking for file '/dev/dsx'                    [ Not found ]
[01:00:55]   Checking for file '/dev/caca'                   [ Not found ]
[01:00:55] Devil RootKit                                     [ Not found ]
[01:00:55]
[01:00:55] Checking for Dica-Kit Rootkit...
[01:00:55]   Checking for file '/lib/.sso'                   [ Not found ]
[01:00:55]   Checking for file '/lib/.so'                    [ Not found ]
[01:00:55]   Checking for file '/var/run/...dica/clean'      [ Not found ]
[01:00:55]   Checking for file '/var/run/...dica/xl'         [ Not found ]
[01:00:55]   Checking for file '/var/run/...dica/xdr'        [ Not found ]
[01:00:55]   Checking for file '/var/run/...dica/psg'        [ Not found ]
[01:00:55]   Checking for file '/var/run/...dica/secure'     [ Not found ]
[01:00:55]   Checking for file '/var/run/...dica/rdx'        [ Not found ]
[01:00:56]   Checking for file '/var/run/...dica/va'         [ Not found ]
[01:00:56]   Checking for file '/var/run/...dica/cl.sh'      [ Not found ]
[01:00:56]   Checking for file '/usr/bin/.etc'               [ Not found ]
[01:00:56]   Checking for directory '/var/run/...dica'       [ Not found ]
[01:00:56]   Checking for directory '/var/run/...dica/mh'    [ Not found ]
[01:00:56]   Checking for directory '/var/run/...dica/scan'  [ Not found ]
[01:00:56] Dica-Kit Rootkit                                  [ Not found ]
[01:00:56]
[01:00:56] Checking for Dreams Rootkit...
[01:00:56]   Checking for file '/dev/ttyoa'                  [ Not found ]
[01:00:56]   Checking for file '/dev/ttyof'                  [ Not found ]
[01:00:56]   Checking for file '/dev/ttyop'                  [ Not found ]
[01:00:56]   Checking for file '/usr/bin/sense'              [ Not found ]
[01:00:56]   Checking for file '/usr/bin/sl2'                [ Not found ]
[01:00:56]   Checking for file '/usr/bin/logclear'           [ Not found ]
[01:00:56]   Checking for file '/usr/bin/(swapd)'            [ Not found ]
[01:00:56]   Checking for file '/usr/bin/snfs'               [ Not found ]
[01:00:56]   Checking for file '/usr/lib/libsss'             [ Not found ]
[01:00:56]   Checking for directory '/dev/ida/.hpd'          [ Not found ]
[01:00:56] Dreams Rootkit                                    [ Not found ]
[01:00:56]
[01:00:56] Checking for Duarawkz Rootkit...
[01:00:56]   Checking for file '/usr/bin/duarawkz/loginpass' [ Not found ]
[01:00:56]   Checking for directory '/usr/bin/duarawkz'      [ Not found ]
[01:00:56] Duarawkz Rootkit                                  [ Not found ]
[01:00:56]
[01:00:56] Checking for Enye LKM...
[01:00:56]   Checking for file '/etc/.enyelkmHIDE^IT.ko'     [ Not found ]
[01:00:56] Enye LKM                                          [ Not found ]
[01:00:56]
[01:00:56] Checking for Flea Linux Rootkit...
[01:00:56]   Checking for file '/etc/ld.so.hash'             [ Not found ]
[01:00:56]   Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ]
[01:00:56]   Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ]
[01:00:56]   Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ]
[01:00:56]   Checking for file '/usr/bin/ssh2d'              [ Not found ]
[01:00:56]   Checking for file '/usr/lib/ldlibns.so'         [ Not found ]
[01:00:56]   Checking for file '/usr/lib/ldlibpst.so'        [ Not found ]
[01:00:56]   Checking for file '/usr/lib/ldlibdu.so'         [ Not found ]
[01:00:56]   Checking for file '/usr/lib/ldlibct.so'         [ Not found ]
[01:00:56]   Checking for directory '/lib/security/.config/ssh' [ Not found ]
[01:00:56]   Checking for directory '/dev/..0'               [ Not found ]
[01:00:56]   Checking for directory '/dev/..0/backup'        [ Not found ]
[01:00:56] Flea Linux Rootkit                                [ Not found ]
[01:00:57]
[01:00:57] Checking for FreeBSD Rootkit...
[01:00:57]   Checking for file '/usr/lib/.fx/sched_host.2'   [ Not found ]
[01:00:57]   Checking for file '/usr/lib/.fx/random_d.2'     [ Not found ]
[01:00:57]   Checking for file '/usr/lib/.fx/set_pid.2'      [ Not found ]
[01:00:57]   Checking for file '/usr/lib/.fx/cons.saver'     [ Not found ]
[01:00:57]   Checking for file '/usr/lib/.fx/adore/adore/adore.ko' [ Not found ]
[01:00:57]   Checking for file '/bin/sysback'                [ Not found ]
[01:00:57]   Checking for file '/usr/local/bin/sysback'      [ Not found ]
[01:00:57]   Checking for directory '/usr/lib/.fx'           [ Not found ]
[01:00:57]   Checking for directory '/usr/lib/.fx/adore'     [ Not found ]
[01:00:57] FreeBSD Rootkit                                   [ Not found ]
[01:00:57]
[01:00:57] Checking for Fuck`it Rootkit...
[01:00:57]   Checking for file '/dev/proc/fuckit/hax0r'      [ Not found ]
[01:00:57]   Checking for file '/dev/proc/fuckit/hax0rshell' [ Not found ]
[01:00:57]   Checking for file '/dev/proc/fuckit/config/lports' [ Not found ]
[01:00:57]   Checking for file '/dev/proc/fuckit/config/rports' [ Not found ]
[01:00:57]   Checking for file '/dev/proc/fuckit/config/rkconf' [ Not found ]
[01:00:57]   Checking for file '/dev/proc/fuckit/config/password' [ Not found ]
[01:00:57]   Checking for file '/dev/proc/fuckit/config/progs' [ Not found ]
[01:00:57]   Checking for file '/dev/proc/system-bins/init'  [ Not found ]
[01:00:57] Fuck`it Rootkit                                   [ Not found ]
[01:00:57]
[01:00:57] Checking for GasKit Rootkit...
[01:00:57]   Checking for file '/dev/dev/gaskit/sshd/sshdd'  [ Not found ]
[01:00:57]   Checking for directory '/dev/dev'               [ Not found ]
[01:00:57]   Checking for directory '/dev/dev/gaskit'        [ Not found ]
[01:00:57]   Checking for directory '/dev/dev/gaskit/sshd'   [ Not found ]
[01:00:57] GasKit Rootkit                                    [ Not found ]
[01:00:57]
[01:00:57] Checking for Heroin LKM...
[01:00:57]   Checking for kernel symbol 'heroin'             [ Not found ]
[01:00:57] Heroin LKM                                        [ Not found ]
[01:00:57]
[01:00:57] Checking for HjC Kit...
[01:00:57]   Checking for directory '/dev/.hijackerz'        [ Not found ]
[01:00:57] HjC Kit                                           [ Not found ]
[01:00:57]
[01:00:57] Checking for ignoKit Rootkit...
[01:00:57]   Checking for file '/lib/defs/p'                 [ Not found ]
[01:00:57]   Checking for file '/lib/defs/q'                 [ Not found ]
[01:00:57]   Checking for file '/lib/defs/r'                 [ Not found ]
[01:00:57]   Checking for file '/lib/defs/s'                 [ Not found ]
[01:00:57]   Checking for file '/lib/defs/t'                 [ Not found ]
[01:00:57]   Checking for file '/usr/lib/defs/p'             [ Not found ]
[01:00:58]   Checking for file '/usr/lib/defs/q'             [ Not found ]
[01:00:58]   Checking for file '/usr/lib/defs/r'             [ Not found ]
[01:00:58]   Checking for file '/usr/lib/defs/s'             [ Not found ]
[01:00:58]   Checking for file '/usr/lib/defs/t'             [ Not found ]
[01:00:58]   Checking for file '/usr/lib/.libigno/pkunsec'   [ Not found ]
[01:00:58]   Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' [ Not found ]
[01:00:58]   Checking for directory '/usr/lib/.libigno'      [ Not found ]
[01:00:58]   Checking for directory '/usr/lib/.libigno/.igno' [ Not found ]
[01:00:58] ignoKit Rootkit                                   [ Not found ]
[01:00:58]
[01:00:58] Checking for ImperalsS-FBRK Rootkit...
[01:00:58]   Checking for directory '/dev/fd/.88'            [ Not found ]
[01:00:58]   Checking for directory '/dev/fd/.99'            [ Not found ]
[01:00:58] ImperalsS-FBRK Rootkit                            [ Not found ]
[01:00:58]
[01:00:58] Checking for IntoXonia-NG Rootkit...
[01:00:58]   Checking for kernel symbol 'funces'             [ Not found ]
[01:00:58]   Checking for kernel symbol 'ixinit'             [ Not found ]
[01:00:58]   Checking for kernel symbol 'tricks'             [ Not found ]
[01:00:58]   Checking for kernel symbol 'kernel_unlink'      [ Not found ]
[01:00:58]   Checking for kernel symbol 'rootme'             [ Not found ]
[01:00:58]   Checking for kernel symbol 'hide_module'        [ Not found ]
[01:00:58]   Checking for kernel symbol 'find_sys_call_tbl'  [ Not found ]
[01:00:58] IntoXonia-NG Rootkit                              [ Not found ]
[01:00:58]
[01:00:58] Checking for Irix Rootkit...
[01:00:58]   Checking for directory '/dev/pts/01'            [ Not found ]
[01:00:58]   Checking for directory '/dev/pts/01/backup'     [ Not found ]
[01:00:58]   Checking for directory '/dev/pts/01/etc'        [ Not found ]
[01:00:58]   Checking for directory '/dev/pts/01/tmp'        [ Not found ]
[01:00:58] Irix Rootkit                                      [ Not found ]
[01:00:59]
[01:00:59] Checking for Kitko Rootkit...
[01:00:59]   Checking for directory '/usr/src/redhat/SRPMS/...' [ Not found ]
[01:00:59] Kitko Rootkit                                     [ Not found ]
[01:00:59]
[01:00:59] Checking for Knark Rootkit...
[01:00:59]   Checking for file '/proc/knark/pids'            [ Not found ]
[01:00:59]   Checking for directory '/proc/knark'            [ Not found ]
[01:00:59] Knark Rootkit                                     [ Not found ]
[01:00:59]
[01:00:59] Checking for Li0n Worm...
[01:00:59]   Checking for file '/bin/in.telnetd'             [ Not found ]
[01:00:59]   Checking for file '/bin/mjy'                    [ Not found ]
[01:00:59]   Checking for file '/usr/man/man1/man1/lib/.lib/mjy' [ Not found ]
[01:00:59]   Checking for file '/usr/man/man1/man1/lib/.lib/in.telnetd' [ Not found ]
[01:00:59]   Checking for file '/usr/man/man1/man1/lib/.lib/.x' [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/1i0n.sh'  [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/hack.sh'  [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/bind'     [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/randb'    [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/scan.sh'  [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/pscan'    [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/star.sh'  [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/bindx.sh' [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/scan/bindname.log' [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/1i0n.sh'       [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/lib/netstat'   [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/lib/dev/.1addr' [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/lib/dev/.1logz' [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/lib/dev/.1proc' [ Not found ]
[01:00:59]   Checking for file '/dev/.lib/lib/lib/dev/.1file' [ Not found ]
[01:00:59] Li0n Worm                                         [ Not found ]
[01:00:59]
[01:00:59] Checking for Lockit / LJK2 Rootkit...
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_config' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key.pub' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_random_seed*' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/sshd_config' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/backdoor/RK1bd' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/du' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ifconfig' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/inetd.conf' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/locate' [ Not found ]
[01:00:59]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/login' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ls' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/netstat' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ps' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/pstree' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/rc.sysinit' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/syslogd' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/tcpd' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/top' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1sauber' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1wted' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1parser' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1sniff' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1addr' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1dir' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1log' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1proc' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/RK1phidemod.c' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/README.modules' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1hidem.c' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1phide' [ Not found ]
[01:01:00]   Checking for file '/usr/lib/libmen.oo/.LJK2/sshconfig/RK1ssh' [ Not found ]
[01:01:00]   Checking for directory '/usr/lib/libmen.oo/.LJK2' [ Not found ]
[01:01:00] Lockit / LJK2 Rootkit                             [ Not found ]

Offline no_stress

Re: Possible security problems on my server from watchdog
« Reply #3 on: 30 April 2012, 01:37:58 »
[01:01:00]
[01:01:00] Checking for Mood-NT Rootkit...
[01:01:00]   Checking for file '/sbin/init__mood-nt-_-_cthulhu' [ Not found ]
[01:01:00]   Checking for file '/_cthulhu/mood-nt.init'      [ Not found ]
[01:01:00]   Checking for file '/_cthulhu/mood-nt.conf'      [ Not found ]
[01:01:00]   Checking for file '/_cthulhu/mood-nt.sniff'     [ Not found ]
[01:01:00]   Checking for directory '/_cthulhu'              [ Not found ]
[01:01:00] Mood-NT Rootkit                                   [ Not found ]
[01:01:00]
[01:01:00] Checking for MRK Rootkit...
[01:01:00]   Checking for file '/dev/ida/.inet/pid'          [ Not found ]
[01:01:00]   Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ]
[01:01:00]   Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ]
[01:01:00]   Checking for file '/dev/ida/.inet/tcp.log'      [ Not found ]
[01:01:00]   Checking for directory '/dev/ida/.inet'         [ Not found ]
[01:01:00]   Checking for directory '/var/spool/cron/.sh'    [ Not found ]
[01:01:00] MRK Rootkit                                       [ Not found ]
[01:01:00]
[01:01:00] Checking for Ni0 Rootkit...
[01:01:00]   Checking for file '/var/lock/subsys/...datafile.../...net...' [ Not found ]
[01:01:00]   Checking for file '/var/lock/subsys/...datafile.../...port...' [ Not found ]
[01:01:01]   Checking for file '/var/lock/subsys/...datafile.../...ps...' [ Not found ]
[01:01:01]   Checking for file '/var/lock/subsys/...datafile.../...file...' [ Not found ]
[01:01:01]   Checking for directory '/tmp/waza'              [ Not found ]
[01:01:01]   Checking for directory '/var/lock/subsys/...datafile...' [ Not found ]
[01:01:01]   Checking for directory '/usr/sbin/es'           [ Not found ]
[01:01:01] Ni0 Rootkit                                       [ Not found ]
[01:01:01]
[01:01:01] Checking for Ohhara Rootkit...
[01:01:01]   Checking for file '/var/lock/subsys/...datafile.../...datafile.../in.smbd.log' [ Not found ]
[01:01:01]   Checking for directory '/var/lock/subsys/...datafile...' [ Not found ]
[01:01:01]   Checking for directory '/var/lock/subsys/...datafile.../...datafile...' [ Not found ]
[01:01:01]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../bin' [ Not found ]
[01:01:01]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/bin' [ Not found ]
[01:01:01]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/sbin' [ Not found ]
[01:01:01]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../lib/security' [ Not found ]
[01:01:01] Ohhara Rootkit                                    [ Not found ]
[01:01:01]
[01:01:01] Checking for Optic Kit (Tux) Worm...
[01:01:01]   Checking for directory '/dev/tux'               [ Not found ]
[01:01:01]   Checking for directory '/usr/bin/xchk'          [ Not found ]
[01:01:01]   Checking for directory '/usr/bin/xsf'           [ Not found ]
[01:01:01]   Checking for directory '/usr/bin/ssh2d'         [ Not found ]
[01:01:01] Optic Kit (Tux) Worm                              [ Not found ]
[01:01:01]
[01:01:01] Checking for Oz Rootkit...
[01:01:01]   Checking for file '/dev/.oz/.nap/rkit/terror'   [ Not found ]
[01:01:01]   Checking for directory '/dev/.oz'               [ Not found ]
[01:01:01] Oz Rootkit                                        [ Not found ]
[01:01:01]
[01:01:01] Checking for Phalanx Rootkit...
[01:01:01]   Checking for file '/usr/share/.home.ph1/cb'     [ Not found ]
[01:01:01]   Checking for file '/etc/host.ph1'               [ Not found ]
[01:01:01]   Checking for file '/bin/host.ph1'               [ Not found ]
[01:01:01]   Checking for file '/usr/share/.home.ph1/phalanx' [ Not found ]
[01:01:01]   Checking for directory '/usr/share/.home.ph1'   [ Not found ]
[01:01:01] Phalanx Rootkit                                   [ Not found ]
[01:01:01]
[01:01:01] Checking for Phalanx Rootkit (strings)...
[01:01:01]   Checking for string 'phalanx'                   [ Not found ]
[01:01:01] Phalanx Rootkit (strings)                         [ Not found ]
[01:01:01]
[01:01:01] Checking for Phalanx2 Rootkit...
[01:01:01]   Checking for file '/etc/khubd.p2/.p2rc'         [ Not found ]
[01:01:01]   Checking for file '/etc/khubd.p2/.phalanx2'     [ Not found ]
[01:01:01]   Checking for file '/etc/khubd.p2/.sniff'        [ Not found ]
[01:01:01]   Checking for file '/etc/khubd.p2/sshgrab.py'    [ Not found ]
[01:01:01]   Checking for file '/etc/lolzz.p2/.p2rc'         [ Not found ]
[01:01:01]   Checking for file '/etc/lolzz.p2/.phalanx2'     [ Not found ]
[01:01:01]   Checking for file '/etc/lolzz.p2/.sniff'        [ Not found ]
[01:01:02]   Checking for file '/etc/lolzz.p2/sshgrab.py'    [ Not found ]
[01:01:02]   Checking for directory '/etc/khubd.p2'          [ Not found ]
[01:01:02]   Checking for directory '/etc/lolzz.p2'          [ Not found ]
[01:01:02] Phalanx2 Rootkit                                  [ Not found ]
[01:01:02]
[01:01:02] Checking for Phalanx2 Rootkit (extended tests)...
[01:01:02]   Checking for directory '/etc/khubd.p2'          [ Not found ]
[01:01:02]   Checking for directory '/etc/lolzz.p2'          [ Not found ]
[01:01:02] Phalanx2 Rootkit (extended tests)                 [ Not found ]
[01:01:02]
[01:01:02] Checking for Portacelo Rootkit...
[01:01:02]   Checking for file '/var/lib/.../.ak'            [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../.hk'            [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../.rs'            [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../.p'             [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../getty'          [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../lkt.o'          [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../show'           [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../nlkt.o'         [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../ssshrc'         [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../sssh_equiv'     [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../sssh_known_hosts' [ Not found ]
[01:01:02]   Checking for file '/var/lib/.../sssh_pid'       [ Not found ]
[01:01:02]   Checking for file '~/.sssh/known_hosts'         [ Not found ]
[01:01:02] Portacelo Rootkit                                 [ Not found ]
[01:01:02]
[01:01:02] Checking for R3dstorm Toolkit...
[01:01:02]   Checking for file '/var/log/tk02/see_all'       [ Not found ]
[01:01:02]   Checking for file '/bin/.../sshd/sbin/sshd1'    [ Not found ]
[01:01:02]   Checking for file '/bin/.../hate/sk'            [ Not found ]
[01:01:02]   Checking for file '/bin/.../see_all'            [ Not found ]
[01:01:02]   Checking for directory '/var/log/tk02'          [ Not found ]
[01:01:02]   Checking for directory '/var/log/tk02/old'      [ Not found ]
[01:01:02]   Checking for directory '/bin/...'               [ Not found ]
[01:01:02] R3dstorm Toolkit                                  [ Not found ]
[01:01:02]
[01:01:02] Checking for RH-Sharpe's Rootkit...
[01:01:02]   Checking for file '/bin/lps'                    [ Not found ]
[01:01:02]   Checking for file '/usr/bin/lpstree'            [ Not found ]
[01:01:02]   Checking for file '/usr/bin/ltop'               [ Not found ]
[01:01:02]   Checking for file '/usr/bin/lkillall'           [ Not found ]
[01:01:02]   Checking for file '/usr/bin/ldu'                [ Not found ]
[01:01:02]   Checking for file '/usr/bin/lnetstat'           [ Not found ]
[01:01:02]   Checking for file '/usr/bin/wp'                 [ Not found ]
[01:01:03]   Checking for file '/usr/bin/shad'               [ Not found ]
[01:01:03]   Checking for file '/usr/bin/vadim'              [ Not found ]
[01:01:03]   Checking for file '/usr/bin/slice'              [ Not found ]
[01:01:03]   Checking for file '/usr/bin/cleaner'            [ Not found ]
[01:01:03]   Checking for file '/usr/include/rpcsvc/du'      [ Not found ]
[01:01:03] RH-Sharpe's Rootkit                               [ Not found ]
[01:01:03]
[01:01:03] Checking for RSHA's Rootkit...
[01:01:03]   Checking for file '/bin/kr4p'                   [ Not found ]
[01:01:03]   Checking for file '/usr/bin/n3tstat'            [ Not found ]
[01:01:03]   Checking for file '/usr/bin/chsh2'              [ Not found ]
[01:01:03]   Checking for file '/usr/bin/slice2'             [ Not found ]
[01:01:03]   Checking for file '/usr/src/linux/arch/alpha/lib/.lib/.1proc' [ Not found ]
[01:01:03]   Checking for file '/etc/rc.d/arch/alpha/lib/.lib/.1addr' [ Not found ]
[01:01:03]   Checking for directory '/etc/rc.d/rsha'         [ Not found ]
[01:01:03]   Checking for directory '/etc/rc.d/arch/alpha/lib/.lib' [ Not found ]
[01:01:03] RSHA's Rootkit                                    [ Not found ]
[01:01:03]
[01:01:03] Checking for Scalper Worm...
[01:01:03]   Checking for file '/tmp/.a'                     [ Not found ]
[01:01:03]   Checking for file '/tmp/.uua'                   [ Not found ]
[01:01:03] Scalper Worm                                      [ Not found ]
[01:01:03]
[01:01:03] Checking for Sebek LKM...
[01:01:03]   Checking for kernel symbol 'adore or sebek'     [ Not found ]
[01:01:03] Sebek LKM                                         [ Not found ]
[01:01:03]
[01:01:03] Checking for Shutdown Rootkit...
[01:01:03]   Checking for file '/usr/man/man5/.. /.dir/scannah/asus' [ Not found ]
[01:01:03]   Checking for file '/usr/man/man5/.. /.dir/see'  [ Not found ]
[01:01:03]   Checking for file '/usr/man/man5/.. /.dir/nscd' [ Not found ]
[01:01:04]   Checking for file '/usr/man/man5/.. /.dir/alpd' [ Not found ]
[01:01:04]   Checking for file '/etc/rc.d/rc.local '         [ Not found ]
[01:01:04]   Checking for directory '/usr/man/man5/.. /.dir' [ Not found ]
[01:01:04]   Checking for directory '/usr/man/man5/.. /.dir/scannah' [ Not found ]
[01:01:04]   Checking for directory '/etc/rc.d/rc0.d/.. /.dir' [ Not found ]
[01:01:04] Shutdown Rootkit                                  [ Not found ]
[01:01:04]
[01:01:04] Checking for SHV4 Rootkit...
[01:01:04]   Checking for file '/etc/ld.so.hash'             [ Not found ]
[01:01:04]   Checking for file '/lib/libext-2.so.7'          [ Not found ]
[01:01:04]   Checking for file '/lib/lidps1.so'              [ Not found ]
[01:01:04]   Checking for file '/usr/sbin/xntps'             [ Not found ]
[01:01:04]   Checking for directory '/lib/security/.config'  [ Not found ]
[01:01:04]   Checking for directory '/lib/security/.config/ssh' [ Not found ]
[01:01:04] SHV4 Rootkit                                      [ Not found ]
[01:01:04]
[01:01:04] Checking for SHV5 Rootkit...
[01:01:04]   Checking for file '/etc/sh.conf'                [ Not found ]
[01:01:04]   Checking for file '/dev/srd0'                   [ Not found ]
[01:01:04]   Checking for directory '/usr/lib/libsh'         [ Not found ]
[01:01:04] SHV5 Rootkit                                      [ Not found ]
[01:01:04]
[01:01:04] Checking for Sin Rootkit...
[01:01:04]   Checking for file '/dev/.haos/haos1/.f/Denyed'  [ Not found ]
[01:01:04]   Checking for file '/dev/ttyoa'                  [ Not found ]
[01:01:04]   Checking for file '/dev/ttyof'                  [ Not found ]
[01:01:04]   Checking for file '/dev/ttyop'                  [ Not found ]
[01:01:04]   Checking for file '/dev/ttyos'                  [ Not found ]
[01:01:04]   Checking for file '/usr/lib/.lib'               [ Not found ]
[01:01:04]   Checking for file '/usr/lib/sn/.X'              [ Not found ]
[01:01:04]   Checking for file '/usr/lib/sn/.sys'            [ Not found ]
[01:01:04]   Checking for file '/usr/lib/ld/.X'              [ Not found ]
[01:01:04]   Checking for file '/usr/man/man1/...'           [ Not found ]
[01:01:04]   Checking for file '/usr/man/man1/.../.m'        [ Not found ]
[01:01:04]   Checking for file '/usr/man/man1/.../.w'        [ Not found ]
[01:01:04]   Checking for directory '/usr/lib/sn'            [ Not found ]
[01:01:04]   Checking for directory '/usr/lib/man1/...'      [ Not found ]
[01:01:04]   Checking for directory '/dev/.haos'             [ Not found ]
[01:01:04] Sin Rootkit                                       [ Not found ]
[01:01:04]
[01:01:04] Checking for Slapper Worm...
[01:01:04]   Checking for file '/tmp/.bugtraq'               [ Not found ]
[01:01:04]   Checking for file '/tmp/.uubugtraq'             [ Not found ]
[01:01:04]   Checking for file '/tmp/.bugtraq.c'             [ Not found ]
[01:01:04]   Checking for file '/tmp/httpd'                  [ Not found ]
[01:01:05]   Checking for file '/tmp/.unlock'                [ Not found ]
[01:01:05]   Checking for file '/tmp/update'                 [ Not found ]
[01:01:05]   Checking for file '/tmp/.cinik'                 [ Not found ]
[01:01:05]   Checking for file '/tmp/.b'                     [ Not found ]
[01:01:05] Slapper Worm                                      [ Not found ]
[01:01:05]
[01:01:05] Checking for Sneakin Rootkit...
[01:01:05]   Checking for directory '/tmp/.X11-unix/.../rk'  [ Not found ]
[01:01:05] Sneakin Rootkit                                   [ Not found ]
[01:01:05]
[01:01:05] Checking for Suckit Rootkit...
[01:01:05]   Checking for file '/sbin/initsk12'              [ Not found ]
[01:01:05]   Checking for file '/sbin/initxrk'               [ Not found ]
[01:01:05]   Checking for file '/usr/bin/null'               [ Not found ]
[01:01:05]   Checking for file '/usr/share/locale/sk/.sk12/sk' [ Not found ]
[01:01:05]   Checking for file '/etc/rc.d/rc0.d/S23kmdac'    [ Not found ]
[01:01:05]   Checking for file '/etc/rc.d/rc1.d/S23kmdac'    [ Not found ]
[01:01:05]   Checking for file '/etc/rc.d/rc2.d/S23kmdac'    [ Not found ]
[01:01:05]   Checking for file '/etc/rc.d/rc3.d/S23kmdac'    [ Not found ]
[01:01:05]   Checking for file '/etc/rc.d/rc4.d/S23kmdac'    [ Not found ]
[01:01:05]   Checking for file '/etc/rc.d/rc5.d/S23kmdac'    [ Not found ]
[01:01:05]   Checking for file '/etc/rc.d/rc6.d/S23kmdac'    [ Not found ]
[01:01:05]   Checking for directory '/dev/sdhu0/tehdrakg'    [ Not found ]
[01:01:05]   Checking for directory '/etc/.MG'               [ Not found ]
[01:01:05]   Checking for directory '/usr/share/locale/sk/.sk12' [ Not found ]
[01:01:05]   Checking for directory '/usr/lib/perl5/site_perl/i386-linux/auto/TimeDate/.packlist' [ Not found ]
[01:01:05] Suckit Rootkit                                    [ Not found ]

Offline no_stress

Re: Possible security problems on my server from watchdog
« Reply #4 on: 30 April 2012, 01:38:55 »
[01:01:05]
[01:01:05] Checking for SunOS Rootkit...
[01:01:05]   Checking for file '/etc/ld.so.hash'             [ Not found ]
[01:01:05]   Checking for file '/lib/libext-2.so.7'          [ Not found ]
[01:01:05]   Checking for file '/usr/bin/ssh2d'              [ Not found ]
[01:01:05]   Checking for file '/bin/xlogin'                 [ Not found ]
[01:01:05]   Checking for file '/usr/lib/crth.o'             [ Not found ]
[01:01:05]   Checking for file '/usr/lib/crtz.o'             [ Not found ]
[01:01:05]   Checking for file '/sbin/login'                 [ Not found ]
[01:01:05]   Checking for file '/lib/security/.config/sn'    [ Not found ]
[01:01:05]   Checking for file '/lib/security/.config/lpsched' [ Not found ]
[01:01:05]   Checking for file '/dev/kmod'                   [ Not found ]
[01:01:05]   Checking for file '/dev/dos'                    [ Not found ]
[01:01:05] SunOS Rootkit                                     [ Not found ]
[01:01:05]
[01:01:05] Checking for SunOS / NSDAP Rootkit...
[01:01:05]   Checking for file '/usr/lib/vold/nsdap/.kit'    [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/defines' [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/patcher' [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/pg'      [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/cleaner' [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/utime'   [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/crypt'   [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/findkit' [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/sn2'     [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/sniffload' [ Not found ]
[01:01:06]   Checking for file '/usr/lib/vold/nsdap/runsniff' [ Not found ]
[01:01:06]   Checking for file '/usr/lib/lpset'              [ Not found ]
[01:01:06]   Checking for directory '/usr/lib/vold/nsdap'    [ Not found ]
[01:01:06] SunOS / NSDAP Rootkit                             [ Not found ]
[01:01:06]
[01:01:06] Checking for Superkit Rootkit...
[01:01:06]   Checking for file '/usr/man/.sman/sk'           [ Not found ]
[01:01:06] Superkit Rootkit                                  [ Not found ]
[01:01:06]
[01:01:06] Checking for TBD (Telnet BackDoor)...
[01:01:06]   Checking for file '/usr/lib/.tbd'               [ Not found ]
[01:01:06] TBD (Telnet BackDoor)                             [ Not found ]
[01:01:06]
[01:01:06] Checking for TeLeKiT Rootkit...
[01:01:06]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/sniff' [ Not found ]
[01:01:06]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/telnetd' [ Not found ]
[01:01:06]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/teleulo' [ Not found ]
[01:01:06]   Checking for file '/usr/man/man3/.../cl'        [ Not found ]
[01:01:06]   Checking for file '/dev/ptyr'                   [ Not found ]
[01:01:06]   Checking for file '/dev/ptyp'                   [ Not found ]
[01:01:06]   Checking for file '/dev/ptyq'                   [ Not found ]
[01:01:06]   Checking for file '/dev/hda06'                  [ Not found ]
[01:01:06]   Checking for file '/usr/info/libc1.so'          [ Not found ]
[01:01:06]   Checking for directory '/usr/man/man3/...'      [ Not found ]
[01:01:06]   Checking for directory '/usr/man/man3/.../lsniff' [ Not found ]
[01:01:06]   Checking for directory '/usr/man/man3/.../TeLeKiT' [ Not found ]
[01:01:06] TeLeKiT Rootkit                                   [ Not found ]
[01:01:06]
[01:01:06] Checking for T0rn Rootkit...
[01:01:06]   Checking for file '/dev/.lib/lib/lib/t0rns'     [ Not found ]
[01:01:06]   Checking for file '/dev/.lib/lib/lib/du'        [ Not found ]
[01:01:06]   Checking for file '/dev/.lib/lib/lib/ls'        [ Not found ]
[01:01:06]   Checking for file '/dev/.lib/lib/lib/t0rnsb'    [ Not found ]
[01:01:06]   Checking for file '/dev/.lib/lib/lib/ps'        [ Not found ]
[01:01:06]   Checking for file '/dev/.lib/lib/lib/t0rnp'     [ Not found ]
[01:01:06]   Checking for file '/dev/.lib/lib/lib/find'      [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/ifconfig'  [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/pg'        [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/ssh.tgz'   [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/top'       [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/sz'        [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/login'     [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/in.fingerd' [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/1i0n.sh'   [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/pstree'    [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/in.telnetd' [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/mjy'       [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/sush'      [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/tfn'       [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/name'      [ Not found ]
[01:01:07]   Checking for file '/dev/.lib/lib/lib/getip.sh'  [ Not found ]
[01:01:07]   Checking for file '/usr/info/.torn/sh*'         [ Not found ]
[01:01:07]   Checking for file '/usr/src/.puta/.1addr'       [ Not found ]
[01:01:07]   Checking for file '/usr/src/.puta/.1file'       [ Not found ]
[01:01:07]   Checking for file '/usr/src/.puta/.1proc'       [ Not found ]
[01:01:07]   Checking for file '/usr/src/.puta/.1logz'       [ Not found ]
[01:01:07]   Checking for file '/usr/info/.t0rn'             [ Not found ]
[01:01:07]   Checking for directory '/dev/.lib'              [ Not found ]
[01:01:07]   Checking for directory '/dev/.lib/lib'          [ Not found ]
[01:01:07]   Checking for directory '/dev/.lib/lib/lib'      [ Not found ]
[01:01:07]   Checking for directory '/dev/.lib/lib/lib/dev'  [ Not found ]
[01:01:07]   Checking for directory '/dev/.lib/lib/scan'     [ Not found ]
[01:01:07]   Checking for directory '/usr/src/.puta'         [ Not found ]
[01:01:07]   Checking for directory '/usr/man/man1/man1'     [ Not found ]
[01:01:07]   Checking for directory '/usr/man/man1/man1/lib' [ Not found ]
[01:01:07]   Checking for directory '/usr/man/man1/man1/lib/.lib' [ Not found ]
[01:01:07]   Checking for directory '/usr/man/man1/man1/lib/.lib/.backup' [ Not found ]
[01:01:07] T0rn Rootkit                                      [ Not found ]
[01:01:07]
[01:01:07] Checking for Trojanit Kit...
[01:01:07]   Checking for file '/bin/.ls'                    [ Not found ]
[01:01:07]   Checking for file '/bin/.ps'                    [ Not found ]
[01:01:07]   Checking for file '/bin/.netstat'               [ Not found ]
[01:01:07]   Checking for file '/usr/bin/.nop'               [ Not found ]
[01:01:07]   Checking for file '/usr/bin/.who'               [ Not found ]
[01:01:07] Trojanit Kit                                      [ Not found ]
[01:01:07]
[01:01:07] Checking for Tuxtendo Rootkit...
[01:01:08]   Checking for file '/dev/tux/.addr'              [ Not found ]
[01:01:08]   Checking for file '/dev/tux/.cron'              [ Not found ]
[01:01:08]   Checking for file '/dev/tux/.file'              [ Not found ]
[01:01:08]   Checking for file '/dev/tux/.log'               [ Not found ]
[01:01:08]   Checking for file '/dev/tux/.proc'              [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/crontab'     [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/df'          [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/dir'         [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/find'        [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/ifconfig'    [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/locate'      [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/netstat'     [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/ps'          [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/pstree'      [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/syslogd'     [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/tcpd'        [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/top'         [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/updatedb'    [ Not found ]
[01:01:08]   Checking for file '/dev/tux/backup/vdir'        [ Not found ]
[01:01:08]   Checking for directory '/dev/tux'               [ Not found ]
[01:01:08]   Checking for directory '/dev/tux/ssh2'          [ Not found ]
[01:01:08]   Checking for directory '/dev/tux/backup'        [ Not found ]
[01:01:08] Tuxtendo Rootkit                                  [ Not found ]
[01:01:08]
[01:01:08] Checking for URK Rootkit...
[01:01:08]   Checking for file '/usr/man/man1/xxxxxxbin/find' [ Not found ]
[01:01:08]   Checking for file '/usr/man/man1/xxxxxxbin/du'  [ Not found ]
[01:01:08]   Checking for file '/usr/man/man1/xxxxxxbin/ps'  [ Not found ]
[01:01:08]   Checking for file '/tmp/conf.inf'               [ Not found ]
[01:01:08]   Checking for directory '/usr/man/man1/xxxxxxbin' [ Not found ]
[01:01:08] URK Rootkit                                       [ Not found ]
[01:01:08]
[01:01:08] Checking for Vampire Rootkit...
[01:01:08]   Checking for kernel symbol 'new_getdents'       [ Not found ]
[01:01:08]   Checking for kernel symbol 'old_getdents'       [ Not found ]
[01:01:08]   Checking for kernel symbol 'should_hide_file_name' [ Not found ]
[01:01:09]   Checking for kernel symbol 'should_hide_task_name' [ Not found ]
[01:01:09] Vampire Rootkit                                   [ Not found ]
[01:01:09]
[01:01:09] Checking for VcKit Rootkit...
[01:01:09]   Checking for directory '/usr/include/linux/modules/lib.so' [ Not found ]
[01:01:09]   Checking for directory '/usr/include/linux/modules/lib.so/bin' [ Not found ]
[01:01:09] VcKit Rootkit                                     [ Not found ]
[01:01:09]
[01:01:09] Checking for Volc Rootkit...
[01:01:09]   Checking for directory '/var/spool/.recent'     [ Not found ]
[01:01:09]   Checking for directory '/var/spool/.recent/.files' [ Not found ]
[01:01:09]   Checking for directory '/usr/lib/volc'          [ Not found ]
[01:01:09]   Checking for directory '/usr/lib/volc/backup'   [ Not found ]
[01:01:09] Volc Rootkit                                      [ Not found ]
[01:01:09]
[01:01:09] Checking for X-Org SunOS Rootkit...
[01:01:09]   Checking for file '/usr/lib/libX.a/bin/tmpfl'   [ Not found ]
[01:01:09]   Checking for file '/usr/lib/libX.a/bin/rps'     [ Not found ]
[01:01:09]   Checking for file '/usr/bin/srload'             [ Not found ]
[01:01:09]   Checking for file '/usr/lib/libX.a/bin/sparcv7/rps' [ Not found ]
[01:01:09]   Checking for file '/usr/sbin/modcheck'          [ Not found ]
[01:01:09]   Checking for directory '/usr/lib/libX.a'        [ Not found ]
[01:01:09]   Checking for directory '/usr/lib/libX.a/bin'    [ Not found ]
[01:01:09]   Checking for directory '/usr/lib/libX.a/bin/sparcv7' [ Not found ]
[01:01:09]   Checking for directory '/usr/share/man...'      [ Not found ]
[01:01:09] X-Org SunOS Rootkit                               [ Not found ]

no_stress
Re: Possible security problems on my server from watchdog
« Reply #5 on: 30 April 2012, 01:39:09 »
[01:01:09]
[01:01:09] Checking for zaRwT.KiT Rootkit...
[01:01:09]   Checking for file '/dev/rd/s/sendmeil'          [ Not found ]
[01:01:09]   Checking for file '/dev/ttyf'                   [ Not found ]
[01:01:09]   Checking for file '/dev/ttyp'                   [ Not found ]
[01:01:09]   Checking for file '/dev/ttyn'                   [ Not found ]
[01:01:09]   Checking for file '/rk/tulz'                    [ Not found ]
[01:01:09]   Checking for directory '/rk'                    [ Not found ]
[01:01:09]   Checking for directory '/dev/rd/s'              [ Not found ]
[01:01:09] zaRwT.KiT Rootkit                                 [ Not found ]
[01:01:09]
[01:01:09] Performing additional rootkit checks
[01:01:09] Info: Starting test name 'additional_rkts'
[01:01:09]
[01:01:09]   Performing Suckit Rookit additional checks
[01:01:09]     Checking hard link count on '/sbin/init'      [ OK ]
[01:01:09]     Checking for hidden file extensions           [ None found ]
[01:01:09]     Running skdet command                         [ Skipped ]
[01:01:09] Info: Unable to find the 'skdet' command
[01:01:10]   Suckit Rookit additional checks                 [ OK ]
[01:01:10]
[01:01:10]   Performing check of possible rootkit files and directories
[01:01:10] Info: Starting test name 'possible_rkt_files'
[01:01:10]     Checking for file '/dev/sdr0'                 [ Not found ]
[01:01:10]     Checking for file '/tmp/.syshackfile'         [ Not found ]
[01:01:10]     Checking for file '/tmp/.bash_history'        [ Not found ]
[01:01:10]     Checking for file '/usr/info/.clib'           [ Not found ]
[01:01:10]     Checking for file '/usr/sbin/tcp.log'         [ Not found ]
[01:01:10]     Checking for file '/usr/bin/take/pid'         [ Not found ]
[01:01:10]     Checking for file '/sbin/create'              [ Not found ]
[01:01:10]     Checking for file '/dev/ttypz'                [ Not found ]
[01:01:10]     Checking for directory '/usr/bin/take'        [ Not found ]
[01:01:10]     Checking for directory '/usr/src/.lib'        [ Not found ]
[01:01:10]     Checking for directory '/usr/share/man/man1/.1c' [ Not found ]
[01:01:10]     Checking for directory '/lib/lblip.tk'        [ Not found ]
[01:01:10]     Checking for directory '/usr/sbin/...'        [ Not found ]
[01:01:10]     Checking for directory '/usr/share/.gun'      [ Not found ]
[01:01:10]   Checking for possible rootkit files and directories [ None found ]
[01:01:10]
[01:01:10]   Performing check for possible rootkit strings
[01:01:10] Info: Starting test name 'possible_rkt_strings'
[01:01:10] Info: Using system startup paths: /etc/rc.d /etc/inittab
[01:01:10]     Checking for string '/dev/proc/fuckit'        [ Not found ]
[01:01:10]     Checking for string 'FUCK'                    [ Not found ]
[01:01:10]     Checking for string 'backdoor'                [ Not found ]
[01:01:10]     Checking for string 'vt200'                   [ Not found ]
[01:01:10]     Checking for string '/usr/bin/xstat'          [ Not found ]
[01:01:10]     Checking for string '/bin/envpc'              [ Not found ]
[01:01:11]     Checking for string 'L4m3r0x'                 [ Not found ]
[01:01:11]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:01:11]     Checking for string '/dev/ptyxx/.file'        [ Not found ]
[01:01:11]     Checking for string '/dev/sgk'                [ Not found ]
[01:01:11]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:01:11]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:01:11]     Checking for string '/dev/proc/fuckit'        [ Not found ]
[01:01:11]     Checking for string '/lib/.sso'               [ Not found ]
[01:01:11]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:01:11]     Checking for string '/dev/caca'               [ Not found ]
[01:01:11]     Checking for string '/dev/ttyoa'              [ Not found ]
[01:01:11]     Checking for string 'syg'                     [ Not found ]
[01:01:11]     Checking for string '/dev/pts/01'             [ Not found ]
[01:01:11]     Checking for string 'tw33dl3'                 [ Not found ]
[01:01:11]     Checking for string 'psniff'                  [ Not found ]
[01:01:11]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:01:11]     Checking for string '/dev/ptyxx'              [ Not found ]
[01:01:11]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:01:12]     Checking for string 'in.inetd'                [ Not found ]
[01:01:12]     Checking for string '#<HIDE_.*>'              [ Not found ]
[01:01:12]     Checking for string 'bin/xchk'                [ Not found ]
[01:01:12]     Checking for string 'bin/xsf'                 [ Not found ]
[01:01:12]   Checking for possible rootkit strings           [ None found ]
[01:01:12]
[01:01:12] Performing malware checks
[01:01:12] Info: Starting test name 'malware'
[01:01:12]
[01:01:12] Info: Test 'deleted_files' disabled at users request.
[01:01:12] Info: Starting test name 'running_procs'
[01:01:13]   Checking running processes for suspicious files [ None found ]
[01:01:13]
[01:01:13] Info: Test 'hidden_procs' disabled at users request.
[01:01:13]
[01:01:13] Info: Test 'suspscan' disabled at users request.
[01:01:13]
[01:01:13]   Performing check for login backdoors
[01:01:13] Info: Starting test name 'other_malware'
[01:01:13]     Checking for '/bin/.login'                    [ Not found ]
[01:01:13]     Checking for '/sbin/.login'                   [ Not found ]
[01:01:13]   Checking for login backdoors                    [ None found ]
[01:01:13]
[01:01:13]   Performing check for suspicious directories
[01:01:13]     Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ]
[01:01:13]     Checking for directory '/dev/rd/cdb'          [ Not found ]
[01:01:13]   Checking for suspicious directories             [ None found ]
[01:01:13]
[01:01:13]   Checking for software intrusions                [ Skipped ]
[01:01:13] Info: Check skipped - tripwire not installed
[01:01:13]
[01:01:13]   Performing check for sniffer log files
[01:01:13]     Checking for file '/usr/lib/libice.log'       [ Not found ]
[01:01:13]   Checking for sniffer log files                  [ None found ]
[01:01:13]
[01:01:13] Performing trojan specific checks
[01:01:13] Info: Starting test name 'trojans'
[01:01:13]   Checking for enabled inetd services             [ Skipped ]
[01:01:13] Info: Check skipped - file '/etc/inetd.conf' does not exist.
[01:01:13]
[01:01:13]   Performing check for enabled xinetd services
[01:01:13] Info: Using xinetd configuration file '/etc/xinetd.conf'
[01:01:13]     Checking '/etc/xinetd.conf' for enabled services [ None found ]
[01:01:13]       Found 'includedir /etc/xinetd.d' directive
[01:01:13]     Checking '/etc/xinetd.d/chargen-dgram' for enabled services [ None found ]
[01:01:13]     Checking '/etc/xinetd.d/chargen-stream' for enabled services [ None found ]
[01:01:13]     Checking '/etc/xinetd.d/daytime-dgram' for enabled services [ None found ]
[01:01:13]     Checking '/etc/xinetd.d/daytime-stream' for enabled services [ None found ]
[01:01:13]     Checking '/etc/xinetd.d/discard-dgram' for enabled services [ None found ]
[01:01:13]     Checking '/etc/xinetd.d/discard-stream' for enabled services [ None found ]
[01:01:13]     Checking '/etc/xinetd.d/echo-dgram' for enabled services [ None found ]
[01:01:13]     Checking '/etc/xinetd.d/echo-stream' for enabled services [ None found ]
[01:01:13]     Checking '/etc/xinetd.d/ftp_psa' for enabled services [ Warning ]
[01:01:14]     Checking '/etc/xinetd.d/poppassd_psa' for enabled services [ Warning ]
[01:01:14]     Checking '/etc/xinetd.d/rsync' for enabled services [ None found ]
[01:01:14]     Checking '/etc/xinetd.d/smtp_psa' for enabled services [ Warning ]
[01:01:14]     Checking '/etc/xinetd.d/smtps_psa' for enabled services [ Warning ]
[01:01:14]     Checking '/etc/xinetd.d/tcpmux-server' for enabled services [ None found ]
[01:01:14]     Checking '/etc/xinetd.d/time-dgram' for enabled services [ None found ]
[01:01:14]     Checking '/etc/xinetd.d/time-stream' for enabled services [ None found ]
[01:01:14]   Checking for enabled xinetd services            [ Warning ]
[01:01:14] Warning: Found enabled xinetd service: /etc/xinetd.d/ftp_psa
[01:01:14] Warning: Found enabled xinetd service: /etc/xinetd.d/poppassd_psa
[01:01:14] Warning: Found enabled xinetd service: /etc/xinetd.d/smtp_psa
[01:01:14] Warning: Found enabled xinetd service: /etc/xinetd.d/smtps_psa
[01:01:14]   Checking for Apache backdoor                    [ Not found ]
[01:01:14]

no_stress
Re: Possible security problems on my server from watchdog
« Reply #6 on: 30 April 2012, 01:39:21 »
[01:01:14] Performing Linux specific checks
[01:01:14] Info: Starting test name 'os_specific'
[01:01:14]   Checking loaded kernel modules                  [ OK ]
[01:01:14] Info: Using modules pathname of '/lib/modules/2.6.32-220.7.1.el6.x86_64'
[01:01:16]   Checking kernel module names                    [ OK ]
[01:01:16]
[01:01:16] Checking the network...
[01:01:16] Info: Starting test name 'network'
[01:01:16] Info: Starting test name 'ports'
[01:01:16]
[01:01:16] Performing check for backdoor ports
[01:01:16]   Checking for TCP port 1524                      [ Not found ]
[01:01:16]   Checking for TCP port 1984                      [ Not found ]
[01:01:16]   Checking for UDP port 2001                      [ Not found ]
[01:01:16]   Checking for TCP port 2006                      [ Not found ]
[01:01:16]   Checking for TCP port 2128                      [ Not found ]
[01:01:16]   Checking for TCP port 6666                      [ Not found ]
[01:01:16]   Checking for TCP port 6667                      [ Not found ]
[01:01:16]   Checking for TCP port 6668                      [ Not found ]
[01:01:16]   Checking for TCP port 6669                      [ Not found ]
[01:01:17]   Checking for TCP port 7000                      [ Not found ]
[01:01:17]   Checking for TCP port 13000                     [ Not found ]
[01:01:17]   Checking for TCP port 14856                     [ Not found ]
[01:01:17]   Checking for TCP port 25000                     [ Not found ]
[01:01:17]   Checking for TCP port 29812                     [ Not found ]
[01:01:17]   Checking for TCP port 31337                     [ Not found ]
[01:01:17]   Checking for TCP port 32982                     [ Not found ]
[01:01:17]   Checking for TCP port 33369                     [ Not found ]
[01:01:17]   Checking for TCP port 47107                     [ Not found ]
[01:01:17]   Checking for TCP port 47018                     [ Not found ]
[01:01:17]   Checking for TCP port 60922                     [ Not found ]
[01:01:17]   Checking for TCP port 62883                     [ Not found ]
[01:01:18]   Checking for TCP port 65535                     [ Not found ]
[01:01:18]
[01:01:18] Performing checks on the network interfaces
[01:01:18] Info: Starting test name 'promisc'
[01:01:18]   Checking for promiscuous interfaces             [ None found ]
[01:01:18]
[01:01:18] Info: Test 'packet_cap_apps' disabled at users request.
[01:01:18]
[01:01:18] Checking the local host...
[01:01:18] Info: Starting test name 'local_host'
[01:01:18]
[01:01:18] Performing system boot checks
[01:01:18] Info: Starting test name 'startup_files'
[01:01:18]   Checking for local host name                    [ Found ]
[01:01:18] Info: Starting test name 'startup_malware'
[01:01:18]   Checking for system startup files               [ Found ]
[01:01:18]   Checking system startup files for malware       [ None found ]
[01:01:18]
[01:01:18] Performing group and account checks
[01:01:18] Info: Starting test name 'group_accounts'
[01:01:18]   Checking for passwd file                        [ Found ]
[01:01:18] Info: Found password file: /etc/passwd
[01:01:18]   Checking for root equivalent (UID 0) accounts   [ None found ]
[01:01:18] Info: Found shadow file: /etc/shadow
[01:01:18]   Checking for passwordless accounts              [ None found ]
[01:01:18] Info: Starting test name 'passwd_changes'
[01:01:18]   Checking for passwd file changes                [ Warning ]
[01:01:19] Warning: Unable to check for passwd file differences: no copy of the passwd file exists.
[01:01:19] Info: Starting test name 'group_changes'
[01:01:19]   Checking for group file changes                 [ Warning ]
[01:01:19] Warning: Unable to check for group file differences: no copy of the group file exists.
[01:01:19]   Checking root account shell history files       [ OK ]
[01:01:19]
[01:01:19] Performing system configuration file checks
[01:01:19] Info: Starting test name 'system_configs'
[01:01:19]   Checking for SSH configuration file             [ Found ]
[01:01:19] Info: Found SSH configuration file: /etc/ssh/sshd_config
[01:01:19] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'unset'.
[01:01:19] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'.
[01:01:19]   Checking if SSH root access is allowed          [ Warning ]
[01:01:19] Warning: The SSH and rkhunter configuration options should be the same:
[01:01:19]          SSH configuration option 'PermitRootLogin': no
[01:01:19]          Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': unset
[01:01:19]   Checking if SSH protocol v1 is allowed          [ Not allowed ]
[01:01:19]   Checking for running syslog daemon              [ Found ]
[01:01:19]   Checking for syslog configuration file          [ Found ]
[01:01:19] Info: Found syslog configuration file: /etc/rsyslog.conf
[01:01:19]   Checking if syslog remote logging is allowed    [ Not allowed ]
[01:01:19]
[01:01:19] Performing filesystem checks
[01:01:19] Info: Starting test name 'filesystem'
[01:01:19] Info: SCAN_MODE_DEV set to 'THOROUGH'
[01:01:19]   Checking /dev for suspicious file types         [ None found ]
[01:01:19]   Checking for hidden files and directories       [ Warning ]
[01:01:20] Warning: Hidden directory found: /dev/.udev
[01:01:20] Warning: Hidden file found: /etc/.php.ini.swo: Vim swap file, version 7.2
[01:01:20] Warning: Hidden file found: /etc/.resolv.conf.swj: Vim swap file, version 7.2
[01:01:20] Warning: Hidden file found: /etc/.resolv.conf.swk: Vim swap file, version 7.2
[01:01:20] Warning: Hidden file found: /etc/.resolv.conf.swl: Vim swap file, version 7.2
[01:01:20] Warning: Hidden file found: /etc/.resolv.conf.swn: Vim swap file, version 7.2
[01:01:20] Warning: Hidden file found: /etc/.resolv.conf.swo: Vim swap file, version 7.2
[01:01:20] Warning: Hidden file found: /etc/.resolv.conf.swp: Vim swap file, version 7.2
[01:01:20] Warning: Hidden file found: /usr/share/man/man1/..1.gz: gzip compressed data, from Unix, max compression
[01:01:20] Warning: Hidden file found: /usr/share/man/man5/.k5login.5.gz: gzip compressed data, from Unix, max compression
[01:01:20] Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
[01:01:20] Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
[01:01:20] Warning: Hidden file found: /usr/sbin/.ipsec.hmac: ASCII text
[01:01:20] Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
[01:01:20]
[01:01:20] Checking application versions...
[01:01:20] Info: Starting test name 'apps'
[01:01:21] Info: Application 'exim' not found.
[01:01:21]   Checking version of GnuPG                       [ OK ]
[01:01:21] Info: Application 'gpg' version '2.0.14' found.
[01:01:21]   Checking version of Apache                      [ Warning ]
[01:01:21] Warning: Application 'httpd', version '2.2.15', is out of date, and possibly a security risk.
[01:01:21]   Checking version of Bind DNS                    [ OK ]
[01:01:21] Info: Application 'named' version '9.7.3' found.
[01:01:21]   Checking version of OpenSSL                     [ Warning ]
[01:01:21] Warning: Application 'openssl', version '0.9.7k', is out of date, and possibly a security risk.
[01:01:21]   Checking version of PHP                         [ OK ]
[01:01:21] Info: Application 'php' version '5.3.3' found.
[01:01:21]   Checking version of Procmail MTA                [ OK ]
[01:01:21] Info: Application 'procmail' version '3.22' found.
[01:01:21]   Checking version of ProFTPd                     [ Skipped ]
[01:01:21] Info: Unable to obtain version number for 'proftpd': version option gives: ProFTPD Version 1.3.3e
[01:01:21]   Checking version of OpenSSH                     [ OK ]
[01:01:21] Info: Application 'sshd' version '5.3p1' found.
[01:01:21] Info: Applications checked: 8 out of 9
[01:01:21]
[01:01:21] System checks summary
[01:01:21] =====================
[01:01:21]
[01:01:21] File properties checks...
[01:01:21] Required commands check failed
[01:01:21] Files checked: 121
[01:01:21] Suspect files: 3
[01:01:21]
[01:01:21] Rootkit checks...
[01:01:21] Rootkits checked : 111
[01:01:21] Possible rootkits: 0
[01:01:21]
[01:01:21] Applications checks...
[01:01:21] Applications checked: 8
[01:01:21] Suspect applications: 2
[01:01:21]
[01:01:21] The system checks took: 1 minute and 4 seconds

no_stress
Re: Possible security problems on my server from watchdog
« Reply #7 on: 30 April 2012, 01:40:01 »
Please inspect this machine, because it may be infected. Scan log:
[01:13:32] Running Rootkit Hunter version 1.3.4 on ischiahotel
[01:13:32]
[01:13:32] Info: Start date is lun 30 apr 2012, 01.13.32, CEST
[01:13:32]
[01:13:32] Checking configuration file and command-line options...
[01:13:32] Info: Detected operating system is 'Linux'
[01:13:32] Info: Found O/S name: CentOS release 6.2 (Final)
[01:13:32] Info: Command line is /usr/local/psa/admin/sbin/modules//watchdog/rkhunter -c --nocolors --configfile /usr/local/psa/etc/modules/watchdog/rkhunter.conf --propupd --createlogfile
[01:13:32] Info: Environment shell is /bin/bash; rkhunter is using bash
[01:13:32] Info: Using configuration file '/usr/local/psa/etc/modules/watchdog/rkhunter.conf'
[01:13:32] Info: Installation directory is '/usr/local/psa'
[01:13:32] Info: Using language 'en'
[01:13:32] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/db' as the database directory
[01:13:32] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/rkhunter/scripts' as the support script directory
[01:13:32] Info: Using '/usr/local/psa/admin/bin/modules/watchdog /usr/local/bin /usr/local/sbin /bin /sbin /usr/bin /usr/sbin /bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec' as the command directories
[01:13:32] Info: Using '/' as the root directory by default
[01:13:32] Info: Using '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/tmp' as the temporary directory
[01:13:32] Info: Emailing warnings to 'info@dirweb.it' using command '/usr/local/psa/admin/bin/modules/watchdog/send-mail'
[01:13:32] Info: X will be automatically detected
[01:13:32] Info: Found the 'diff' command: /usr/bin/diff
[01:13:32] Info: Found the 'file' command: /usr/bin/file
[01:13:32] Info: Found the 'find' command: /bin/find
[01:13:32] Info: Found the 'ifconfig' command: /sbin/ifconfig
[01:13:32] Info: Found the 'ip' command: /sbin/ip
[01:13:32] Info: Found the 'ldd' command: /usr/bin/ldd
[01:13:32] Info: Found the 'lsattr' command: /usr/bin/lsattr
[01:13:32] Info: Found the 'lsmod' command: /sbin/lsmod
[01:13:32] Info: Found the 'lsof' command: /usr/sbin/lsof
[01:13:32] Info: Found the 'mktemp' command: /bin/mktemp
[01:13:32] Info: Found the 'netstat' command: /bin/netstat
[01:13:32] Info: Found the 'perl' command: /usr/bin/perl
[01:13:32] Info: Found the 'ps' command: /bin/ps
[01:13:32] Info: Found the 'pwd' command: /bin/pwd
[01:13:32] Info: Found the 'readlink' command: /bin/readlink
[01:13:32] Info: Found the 'sort' command: /bin/sort
[01:13:32] Info: Found the 'stat' command: /usr/bin/stat
[01:13:32] Info: Found the 'strings' command: /usr/bin/strings
[01:13:32] Info: Found the 'uniq' command: /usr/bin/uniq
[01:13:33] Info: System is not using prelinking
[01:13:33] Info: Using the '/usr/bin/sha1sum' command for the file hash checks
[01:13:33] Info: Stored hash values used hash function '/usr/bin/sha1sum'
[01:13:33] Info: Stored hash values used package manager 'RPM' (md5 function)
[01:13:33] Info: The hash function field index is set to 1
[01:13:33] Info: Using package manager 'RPM' to update the file hash values
[01:13:33] Info: Found the 'rpm' command: /bin/rpm
[01:13:33] Info: Using package manager 'RPM' for file property checks
[01:13:33] Info: Found the 'rpm' command: /bin/rpm
[01:13:33] Info: Previous file attributes were stored
[01:13:33] Info: Current file attributes will be stored
[01:13:33] Info: Enabled tests are: all
[01:13:33] Info: Disabled tests are: suspscan hidden_procs deleted_files packet_cap_apps
[01:13:33] Info: Found ksym file '/proc/kallsyms'
[01:13:33]
[01:13:33] Checking if the O/S has changed since last time...
[01:13:33] Info: Nothing seems to have changed
[01:13:33]
[01:13:33] Info: Starting file properties data update...
[01:13:33] Info: Created temporary file '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/tmp/rkhunter.dat.I3WVpyEvLU'
[01:13:33] Collecting O/S info...
[01:13:33] Info: Found system architecture: x86_64
[01:13:33] Info: Found release file: /etc/centos-release
[01:13:33] Info: Found O/S name: CentOS release 6.2 (Final)
[01:13:33] Getting file properties...
[01:13:36] Info: Found 38 files in /bin
[01:13:39] Info: Found 51 files in /usr/bin
[01:13:40] Info: Found 18 files in /sbin
[01:13:41] Info: Found 14 files in /usr/sbin
[01:13:41] Info: Found 0 files in /usr/local/bin
[01:13:41] Info: Found 0 files in /usr/local/sbin
[01:13:41] Info: Found 0 files in /usr/libexec
[01:13:41] Info: Found 0 files in /usr/local/libexec
[01:13:41] Info: File updated: searched for 150 files, found 121
[01:13:41] Info: New rkhunter.dat file installed in '/usr/local/psa/var/modules/watchdog/lib/rkhunter/lib/rkhunter/db'
[01:13:41]
[01:13:41] Starting system checks...
[01:13:41]
[01:13:41] Checking system commands...
[01:13:42] Info: Starting test name 'system_commands'
[01:13:42]
[01:13:42] Performing 'strings' command checks
[01:13:42] Info: Starting test name 'strings'
[01:13:42] Scanning for string /usr/sbin/ntpsx               [ OK ]
[01:13:42] Scanning for string /usr/lib/.../ls               [ OK ]
[01:13:42] Scanning for string /usr/lib/.../netstat          [ OK ]
[01:13:42] Scanning for string /usr/lib/.../lsof             [ OK ]
[01:13:42] Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg [ OK ]
[01:13:42] Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk [ OK ]
[01:13:42] Scanning for string /usr/lib/.../bkit-ssh/bkit-pw [ OK ]
[01:13:42] Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs [ OK ]
[01:13:42] Scanning for string /usr/lib/.../uconf.inv        [ OK ]
[01:13:42] Scanning for string /usr/lib/.../psr              [ OK ]
[01:13:42] Scanning for string /usr/lib/.../find             [ OK ]
[01:13:42] Scanning for string /usr/lib/.../pstree           [ OK ]
[01:13:42] Scanning for string /usr/lib/.../slocate          [ OK ]
[01:13:42] Scanning for string /usr/lib/.../du               [ OK ]
[01:13:42] Scanning for string /usr/lib/.../top              [ OK ]
[01:13:42] Scanning for string /usr/lib/...                  [ OK ]
[01:13:42] Scanning for string /usr/lib/.../bkit-ssh         [ OK ]
[01:13:42] Scanning for string /usr/lib/.bkit-               [ OK ]
[01:13:42] Scanning for string /tmp/.bkp                     [ OK ]
[01:13:42] Scanning for string /tmp/.cinik                   [ OK ]
[01:13:42] Scanning for string /tmp/.font-unix/.cinik        [ OK ]
[01:13:42] Scanning for string /lib/.sso                     [ OK ]
[01:13:42] Scanning for string /lib/.so                      [ OK ]
[01:13:42] Scanning for string /var/run/...dica/clean        [ OK ]
[01:13:42] Scanning for string /var/run/...dica/xl           [ OK ]
[01:13:42] Scanning for string /var/run/...dica/xdr          [ OK ]
[01:13:42] Scanning for string /var/run/...dica/psg          [ OK ]
[01:13:42] Scanning for string /var/run/...dica/secure       [ OK ]
[01:13:42] Scanning for string /var/run/...dica/rdx          [ OK ]
[01:13:42] Scanning for string /var/run/...dica/va           [ OK ]
[01:13:42] Scanning for string /var/run/...dica/cl.sh        [ OK ]
[01:13:42] Scanning for string /usr/bin/.etc                 [ OK ]
[01:13:42] Scanning for string /usr/lib/.fx/sched_host.2     [ OK ]
[01:13:42] Scanning for string /usr/lib/.fx/random_d.2       [ OK ]
[01:13:42] Scanning for string /usr/lib/.fx/set_pid.2        [ OK ]
[01:13:42] Scanning for string /usr/lib/.fx/cons.saver       [ OK ]
[01:13:43] Scanning for string /usr/lib/.fx/adore/adore/adore.ko [ OK ]
[01:13:43] Scanning for string /bin/sysback                  [ OK ]
[01:13:43] Scanning for string /usr/local/bin/sysback        [ OK ]
[01:13:43] Scanning for string /usr/lib/.tbd                 [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/t0rns       [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/du          [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/ls          [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/t0rnsb      [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/ps          [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/t0rnp       [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/find        [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/ifconfig    [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/pg          [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/ssh.tgz     [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/top         [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/sz          [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/login       [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/in.fingerd  [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/1i0n.sh     [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/pstree      [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/in.telnetd  [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/mjy         [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/sush        [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/tfn         [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/name        [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/getip.sh    [ OK ]
[01:13:43] Scanning for string /usr/info/.torn/sh*           [ OK ]
[01:13:43] Scanning for string /usr/src/.puta/.1addr         [ OK ]
[01:13:43] Scanning for string /usr/src/.puta/.1file         [ OK ]
[01:13:43] Scanning for string /usr/src/.puta/.1proc         [ OK ]
[01:13:43] Scanning for string /usr/src/.puta/.1logz         [ OK ]
[01:13:43] Scanning for string /usr/info/.t0rn               [ OK ]
[01:13:43] Scanning for string /dev/.lib                     [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib                 [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib             [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/lib/dev         [ OK ]
[01:13:43] Scanning for string /dev/.lib/lib/scan            [ OK ]
[01:13:43] Scanning for string /usr/src/.puta                [ OK ]
[01:13:44] Scanning for string /usr/man/man1/man1            [ OK ]
[01:13:44] Scanning for string /usr/man/man1/man1/lib        [ OK ]
[01:13:44] Scanning for string /usr/man/man1/man1/lib/.lib   [ OK ]
[01:13:44] Scanning for string /usr/man/man1/man1/lib/.lib/.backup [ OK ]
[01:13:44]
[01:13:44] Performing 'shared libraries' checks
[01:13:44] Info: Starting test name 'shared_libs'
[01:13:44] Checking for preloading variables                 [ None found ]
[01:13:44] Checking for preload file                         [ Not found ]
[01:13:44] Info: Starting test name 'shared_libs_path'
[01:13:44] Checking LD_LIBRARY_PATH variable                 [ Not found ]

no_stress
Re: Possible security problems on my server from watchdog
« Reply #8 on: 30 April 2012, 01:40:35 »
[01:13:44]
[01:13:44] Performing file properties checks
[01:13:44] Info: Starting test name 'properties'
[01:13:44] Checking for prerequisites                        [ OK ]
[01:13:44] /bin/awk                                          [ OK ]
[01:13:45] /bin/basename                                     [ OK ]
[01:13:45] /bin/bash                                         [ OK ]
[01:13:45] /bin/cat                                          [ OK ]
[01:13:45] /bin/chmod                                        [ OK ]
[01:13:45] /bin/chown                                        [ OK ]
[01:13:45] /bin/cp                                           [ OK ]
[01:13:45] /bin/cut                                          [ OK ]
[01:13:45] /bin/date                                         [ OK ]
[01:13:46] /bin/df                                           [ OK ]
[01:13:46] /bin/dmesg                                        [ OK ]
[01:13:46] /bin/echo                                         [ OK ]
[01:13:46] /bin/egrep                                        [ OK ]
[01:13:46] /bin/env                                          [ OK ]
[01:13:46] /bin/fgrep                                        [ OK ]
[01:13:47] /bin/find                                         [ OK ]
[01:13:47] /bin/grep                                         [ OK ]
[01:13:47] /bin/kill                                         [ OK ]
[01:13:47] /bin/login                                        [ OK ]
[01:13:47] /bin/ls                                           [ OK ]
[01:13:47] /bin/mail                                         [ OK ]
[01:13:48] /bin/mktemp                                       [ OK ]
[01:13:48] /bin/more                                         [ OK ]
[01:13:48] /bin/mount                                        [ OK ]
[01:13:48] /bin/mv                                           [ OK ]
[01:13:48] /bin/netstat                                      [ OK ]
[01:13:48] /bin/ps                                           [ OK ]
[01:13:48] /bin/pwd                                          [ OK ]
[01:13:49] /bin/readlink                                     [ OK ]
[01:13:49] /bin/rpm                                          [ OK ]
[01:13:49] /bin/sed                                          [ OK ]
[01:13:49] /bin/sh                                           [ OK ]
[01:13:49] /bin/sort                                         [ OK ]
[01:13:49] /bin/su                                           [ OK ]
[01:13:49] /bin/touch                                        [ OK ]
[01:13:50] /bin/uname                                        [ OK ]
[01:13:50] /bin/gawk                                         [ OK ]
[01:13:50] /bin/mailx                                        [ OK ]
[01:13:50] /usr/bin/awk                                      [ OK ]
[01:13:50] /usr/bin/chattr                                   [ OK ]
[01:13:50] /usr/bin/curl                                     [ OK ]
[01:13:51] /usr/bin/cut                                      [ OK ]
[01:13:51] /usr/bin/diff                                     [ OK ]
[01:13:51] /usr/bin/dirname                                  [ OK ]
[01:13:51] /usr/bin/du                                       [ OK ]
[01:13:51] /usr/bin/env                                      [ OK ]
[01:13:51] /usr/bin/file                                     [ OK ]
[01:13:51] /usr/bin/find                                     [ OK ]
[01:13:52] /usr/bin/GET                                      [ OK ]
[01:13:52] /usr/bin/groups                                   [ OK ]
[01:13:52] /usr/bin/head                                     [ OK ]
[01:13:52] /usr/bin/id                                       [ OK ]
[01:13:52] /usr/bin/kill                                     [ OK ]
[01:13:52] /usr/bin/killall                                  [ OK ]
[01:13:52] /usr/bin/last                                     [ OK ]
[01:13:53] /usr/bin/lastlog                                  [ OK ]
[01:13:53] /usr/bin/ldd                                      [ OK ]
[01:13:53] /usr/bin/less                                     [ OK ]
[01:13:53] /usr/bin/logger                                   [ OK ]
[01:13:54] /usr/bin/lsattr                                   [ OK ]
[01:13:54] /usr/bin/lynx                                     [ OK ]
[01:13:54] /usr/bin/md5sum                                   [ OK ]
[01:13:54] /usr/bin/newgrp                                   [ OK ]
[01:13:54] /usr/bin/passwd                                   [ OK ]
[01:13:54] Info: Found file '/usr/bin/passwd': it is whitelisted for the 'file immutable-bit' check.
[01:13:55] /usr/bin/perl                                     [ OK ]
[01:13:55] /usr/bin/pstree                                   [ OK ]
[01:13:55] /usr/bin/readlink                                 [ OK ]
[01:13:55] /usr/bin/runcon                                   [ OK ]
[01:13:56] /usr/bin/sha1sum                                  [ OK ]
[01:13:56] /usr/bin/size                                     [ OK ]
[01:13:56] /usr/bin/stat                                     [ OK ]
[01:13:56] /usr/bin/strings                                  [ OK ]
[01:13:56] /usr/bin/sudo                                     [ OK ]
[01:13:56] /usr/bin/tail                                     [ OK ]
[01:13:56] /usr/bin/test                                     [ OK ]
[01:13:57] /usr/bin/top                                      [ OK ]
[01:13:57] /usr/bin/tr                                       [ OK ]
[01:13:57] /usr/bin/uniq                                     [ OK ]
[01:13:57] /usr/bin/users                                    [ OK ]
[01:13:57] /usr/bin/vmstat                                   [ OK ]
[01:13:57] /usr/bin/w                                        [ OK ]
[01:13:57] /usr/bin/watch                                    [ OK ]
[01:13:57] /usr/bin/wc                                       [ OK ]
[01:13:58] /usr/bin/wget                                     [ OK ]
[01:13:58] /usr/bin/whereis                                  [ OK ]
[01:13:58] /usr/bin/which                                    [ OK ]
[01:13:58] /usr/bin/who                                      [ OK ]
[01:13:58] /usr/bin/whoami                                   [ OK ]
[01:13:58] /usr/bin/gawk                                     [ OK ]
[01:13:58] /sbin/chkconfig                                   [ OK ]
[01:13:59] /sbin/depmod                                      [ OK ]
[01:13:59] /sbin/fuser                                       [ OK ]
[01:13:59] /sbin/ifconfig                                    [ OK ]
[01:13:59] /sbin/ifdown                                      [ OK ]
[01:14:00] /sbin/ifup                                        [ OK ]
[01:14:00] /sbin/init                                        [ OK ]
[01:14:00] Info: Found file '/sbin/init': it is whitelisted for the 'file immutable-bit' check.
[01:14:00] /sbin/insmod                                      [ OK ]
[01:14:00] /sbin/ip                                          [ OK ]
[01:14:00] /sbin/lsmod                                       [ OK ]
[01:14:00] /sbin/modinfo                                     [ OK ]
[01:14:00] /sbin/modprobe                                    [ OK ]
[01:14:01] /sbin/nologin                                     [ OK ]
[01:14:01] /sbin/rmmod                                       [ OK ]
[01:14:01] /sbin/rsyslogd                                    [ OK ]
[01:14:01] /sbin/runlevel                                    [ OK ]
[01:14:01] /sbin/sulogin                                     [ OK ]
[01:14:01] /sbin/sysctl                                      [ OK ]
[01:14:02] /usr/sbin/adduser                                 [ OK ]
[01:14:02] /usr/sbin/chroot                                  [ OK ]
[01:14:02] /usr/sbin/groupadd                                [ OK ]
[01:14:02] /usr/sbin/groupdel                                [ OK ]
[01:14:02] /usr/sbin/groupmod                                [ OK ]
[01:14:02] /usr/sbin/grpck                                   [ OK ]
[01:14:03] /usr/sbin/lsof                                    [ OK ]
[01:14:03] /usr/sbin/pwck                                    [ OK ]
[01:14:03] /usr/sbin/sestatus                                [ OK ]
[01:14:03] /usr/sbin/useradd                                 [ OK ]
[01:14:03] /usr/sbin/userdel                                 [ OK ]
[01:14:04] /usr/sbin/usermod                                 [ OK ]
[01:14:04] /usr/sbin/vipw                                    [ OK ]
[01:14:04] /usr/sbin/xinetd                                  [ OK ]
[01:14:06]
[01:14:06] Checking for rootkits...
[01:14:06] Info: Starting test name 'rootkits'
[01:14:06]
[01:14:06] Performing check of known rootkit files and directories
[01:14:06] Info: Starting test name 'known_rkts'
[01:14:06]
[01:14:06] Checking for 55808 Trojan - Variant A...
[01:14:06]   Checking for file '/tmp/.../r'                  [ Not found ]
[01:14:06]   Checking for file '/tmp/.../a'                  [ Not found ]
[01:14:06] 55808 Trojan - Variant A                          [ Not found ]
[01:14:06]
[01:14:06] Checking for ADM Worm...
[01:14:06]   Checking for string 'w0rm'                      [ Not found ]
[01:14:07] ADM Worm                                          [ Not found ]
[01:14:07]
[01:14:07] Checking for AjaKit Rootkit...
[01:14:07]   Checking for file '/dev/tux/.addr'              [ Not found ]
[01:14:07]   Checking for file '/dev/tux/.proc'              [ Not found ]
[01:14:07]   Checking for file '/dev/tux/.file'              [ Not found ]
[01:14:07]   Checking for file '/lib/.libgh-gh/cleaner'      [ Not found ]
[01:14:07]   Checking for file '/lib/.libgh-gh/Patch/patch'  [ Not found ]
[01:14:07]   Checking for file '/lib/.libgh-gh/sb0k'         [ Not found ]
[01:14:07]   Checking for directory '/dev/tux'               [ Not found ]
[01:14:07]   Checking for directory '/lib/.libgh-gh'         [ Not found ]
[01:14:07] AjaKit Rootkit                                    [ Not found ]
[01:14:07]
[01:14:07] Checking for aPa Kit...
[01:14:07]   Checking for file '/usr/share/.aPa'             [ Not found ]
[01:14:07] aPa Kit                                           [ Not found ]
[01:14:07]
[01:14:07] Checking for Apache Worm...
[01:14:07]   Checking for file '/bin/.log'                   [ Not found ]
[01:14:07] Apache Worm                                       [ Not found ]
[01:14:07]
[01:14:07] Checking for Ambient (ark) Rootkit...
[01:14:07]   Checking for file '/usr/lib/.ark?'              [ Not found ]
[01:14:07]   Checking for file '/dev/ptyxx/.log'             [ Not found ]
[01:14:07]   Checking for file '/dev/ptyxx/.file'            [ Not found ]
[01:14:07]   Checking for directory '/dev/ptyxx'             [ Not found ]
[01:14:07] Ambient (ark) Rootkit                             [ Not found ]
[01:14:07]
[01:14:07] Checking for Balaur Rootkit...
[01:14:07]   Checking for file '/usr/lib/liblog.o'           [ Not found ]
[01:14:07]   Checking for directory '/usr/lib/.kinetic'      [ Not found ]
[01:14:07]   Checking for directory '/usr/lib/.egcs'         [ Not found ]
[01:14:07]   Checking for directory '/usr/lib/.wormie'       [ Not found ]
[01:14:07] Balaur Rootkit                                    [ Not found ]
[01:14:07]
[01:14:07] Checking for BeastKit Rootkit...
[01:14:07]   Checking for file '/usr/sbin/arobia'            [ Not found ]
[01:14:07]   Checking for file '/usr/sbin/idrun'             [ Not found ]
[01:14:07]   Checking for file '/usr/lib/elm/arobia/elm'     [ Not found ]
[01:14:07]   Checking for file '/usr/lib/elm/arobia/elm/hk'  [ Not found ]
[01:14:07]   Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ]
[01:14:07]   Checking for file '/usr/lib/elm/arobia/elm/sc'  [ Not found ]
[01:14:07]   Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ]
[01:14:07]   Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ]
[01:14:07]   Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ]
[01:14:07]   Checking for directory '/lib/ldd.so/bktools'    [ Not found ]
[01:14:08] BeastKit Rootkit                                  [ Not found ]
[01:14:08]
[01:14:08] Checking for beX2 Rootkit...
[01:14:08]   Checking for directory '/usr/include/bex'       [ Not found ]
[01:14:08] beX2 Rootkit                                      [ Not found ]
[01:14:08]
[01:14:08] Checking for BOBKit Rootkit...
[01:14:08]   Checking for file '/usr/sbin/ntpsx'             [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../ls'             [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../netstat'        [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../lsof'           [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../uconf.inv'      [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../psr'            [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../find'           [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../pstree'         [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../slocate'        [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../du'             [ Not found ]
[01:14:08]   Checking for file '/usr/lib/.../top'            [ Not found ]
[01:14:08]   Checking for directory '/usr/lib/...'           [ Not found ]
[01:14:08]   Checking for directory '/usr/lib/.../bkit-ssh'  [ Not found ]
[01:14:08]   Checking for directory '/usr/lib/.bkit-'        [ Not found ]
[01:14:08]   Checking for directory '/tmp/.bkp'              [ Not found ]
[01:14:08] BOBKit Rootkit                                    [ Not found ]
[01:14:08]
[01:14:08] Checking for CiNIK Worm (Slapper.B variant)...
[01:14:08]   Checking for file '/tmp/.cinik'                 [ Not found ]
[01:14:08]   Checking for directory '/tmp/.font-unix/.cinik' [ Not found ]
[01:14:08] CiNIK Worm (Slapper.B variant)                    [ Not found ]
[01:14:08]
[01:14:08] Checking for Danny-Boy's Abuse Kit...
[01:14:08]   Checking for file '/dev/mdev'                   [ Not found ]
[01:14:08]   Checking for file '/usr/lib/libX.a'             [ Not found ]
[01:14:08] Danny-Boy's Abuse Kit                             [ Not found ]
[01:14:08]
[01:14:08] Checking for Devil RootKit...
[01:14:08]   Checking for file '/var/lib/games/.src'         [ Not found ]
[01:14:08]   Checking for file '/dev/dsx'                    [ Not found ]
[01:14:08]   Checking for file '/dev/caca'                   [ Not found ]
[01:14:08] Devil RootKit                                     [ Not found ]
[01:14:08]
[01:14:08] Checking for Dica-Kit Rootkit...
[01:14:08]   Checking for file '/lib/.sso'                   [ Not found ]
[01:14:08]   Checking for file '/lib/.so'                    [ Not found ]
[01:14:09]   Checking for file '/var/run/...dica/clean'      [ Not found ]
[01:14:09]   Checking for file '/var/run/...dica/xl'         [ Not found ]
[01:14:09]   Checking for file '/var/run/...dica/xdr'        [ Not found ]
[01:14:09]   Checking for file '/var/run/...dica/psg'        [ Not found ]
[01:14:09]   Checking for file '/var/run/...dica/secure'     [ Not found ]
[01:14:09]   Checking for file '/var/run/...dica/rdx'        [ Not found ]
[01:14:09]   Checking for file '/var/run/...dica/va'         [ Not found ]
[01:14:09]   Checking for file '/var/run/...dica/cl.sh'      [ Not found ]
[01:14:09]   Checking for file '/usr/bin/.etc'               [ Not found ]
[01:14:09]   Checking for directory '/var/run/...dica'       [ Not found ]
[01:14:09]   Checking for directory '/var/run/...dica/mh'    [ Not found ]
[01:14:09]   Checking for directory '/var/run/...dica/scan'  [ Not found ]
[01:14:09] Dica-Kit Rootkit                                  [ Not found ]
[01:14:09]
[01:14:09] Checking for Dreams Rootkit...
[01:14:09]   Checking for file '/dev/ttyoa'                  [ Not found ]
[01:14:09]   Checking for file '/dev/ttyof'                  [ Not found ]
[01:14:09]   Checking for file '/dev/ttyop'                  [ Not found ]
[01:14:09]   Checking for file '/usr/bin/sense'              [ Not found ]
[01:14:09]   Checking for file '/usr/bin/sl2'                [ Not found ]
[01:14:09]   Checking for file '/usr/bin/logclear'           [ Not found ]
[01:14:09]   Checking for file '/usr/bin/(swapd)'            [ Not found ]
[01:14:09]   Checking for file '/usr/bin/snfs'               [ Not found ]
[01:14:09]   Checking for file '/usr/lib/libsss'             [ Not found ]
[01:14:09]   Checking for directory '/dev/ida/.hpd'          [ Not found ]
[01:14:09] Dreams Rootkit                                    [ Not found ]

no_stress
Re: Possible security problems on my server from watchdog
« Reply #9 on: 30 April 2012, 01:40:50 »
[01:14:09]
[01:14:09] Checking for Duarawkz Rootkit...
[01:14:09]   Checking for file '/usr/bin/duarawkz/loginpass' [ Not found ]
[01:14:09]   Checking for directory '/usr/bin/duarawkz'      [ Not found ]
[01:14:09] Duarawkz Rootkit                                  [ Not found ]
[01:14:09]
[01:14:09] Checking for Enye LKM...
[01:14:09]   Checking for file '/etc/.enyelkmHIDE^IT.ko'     [ Not found ]
[01:14:09] Enye LKM                                          [ Not found ]
[01:14:09]
[01:14:09] Checking for Flea Linux Rootkit...
[01:14:09]   Checking for file '/etc/ld.so.hash'             [ Not found ]
[01:14:09]   Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ]
[01:14:09]   Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ]
[01:14:09]   Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ]
[01:14:09]   Checking for file '/usr/bin/ssh2d'              [ Not found ]
[01:14:09]   Checking for file '/usr/lib/ldlibns.so'         [ Not found ]
[01:14:10]   Checking for file '/usr/lib/ldlibpst.so'        [ Not found ]
[01:14:10]   Checking for file '/usr/lib/ldlibdu.so'         [ Not found ]
[01:14:10]   Checking for file '/usr/lib/ldlibct.so'         [ Not found ]
[01:14:10]   Checking for directory '/lib/security/.config/ssh' [ Not found ]
[01:14:10]   Checking for directory '/dev/..0'               [ Not found ]
[01:14:10]   Checking for directory '/dev/..0/backup'        [ Not found ]
[01:14:10] Flea Linux Rootkit                                [ Not found ]
[01:14:10]
[01:14:10] Checking for FreeBSD Rootkit...
[01:14:10]   Checking for file '/usr/lib/.fx/sched_host.2'   [ Not found ]
[01:14:10]   Checking for file '/usr/lib/.fx/random_d.2'     [ Not found ]
[01:14:10]   Checking for file '/usr/lib/.fx/set_pid.2'      [ Not found ]
[01:14:10]   Checking for file '/usr/lib/.fx/cons.saver'     [ Not found ]
[01:14:10]   Checking for file '/usr/lib/.fx/adore/adore/adore.ko' [ Not found ]
[01:14:10]   Checking for file '/bin/sysback'                [ Not found ]
[01:14:10]   Checking for file '/usr/local/bin/sysback'      [ Not found ]
[01:14:10]   Checking for directory '/usr/lib/.fx'           [ Not found ]
[01:14:10]   Checking for directory '/usr/lib/.fx/adore'     [ Not found ]
[01:14:10] FreeBSD Rootkit                                   [ Not found ]
[01:14:10]
[01:14:10] Checking for Fuck`it Rootkit...
[01:14:10]   Checking for file '/dev/proc/fuckit/hax0r'      [ Not found ]
[01:14:10]   Checking for file '/dev/proc/fuckit/hax0rshell' [ Not found ]
[01:14:10]   Checking for file '/dev/proc/fuckit/config/lports' [ Not found ]
[01:14:10]   Checking for file '/dev/proc/fuckit/config/rports' [ Not found ]
[01:14:10]   Checking for file '/dev/proc/fuckit/config/rkconf' [ Not found ]
[01:14:10]   Checking for file '/dev/proc/fuckit/config/password' [ Not found ]
[01:14:10]   Checking for file '/dev/proc/fuckit/config/progs' [ Not found ]
[01:14:10]   Checking for file '/dev/proc/system-bins/init'  [ Not found ]
[01:14:10] Fuck`it Rootkit                                   [ Not found ]
[01:14:10]
[01:14:10] Checking for GasKit Rootkit...
[01:14:10]   Checking for file '/dev/dev/gaskit/sshd/sshdd'  [ Not found ]
[01:14:10]   Checking for directory '/dev/dev'               [ Not found ]
[01:14:10]   Checking for directory '/dev/dev/gaskit'        [ Not found ]
[01:14:10]   Checking for directory '/dev/dev/gaskit/sshd'   [ Not found ]
[01:14:10] GasKit Rootkit                                    [ Not found ]
[01:14:10]
[01:14:10] Checking for Heroin LKM...
[01:14:10]   Checking for kernel symbol 'heroin'             [ Not found ]
[01:14:10] Heroin LKM                                        [ Not found ]
[01:14:11]
[01:14:11] Checking for HjC Kit...
[01:14:11]   Checking for directory '/dev/.hijackerz'        [ Not found ]
[01:14:11] HjC Kit                                           [ Not found ]
[01:14:11]
[01:14:11] Checking for ignoKit Rootkit...
[01:14:11]   Checking for file '/lib/defs/p'                 [ Not found ]
[01:14:11]   Checking for file '/lib/defs/q'                 [ Not found ]
[01:14:11]   Checking for file '/lib/defs/r'                 [ Not found ]
[01:14:11]   Checking for file '/lib/defs/s'                 [ Not found ]
[01:14:11]   Checking for file '/lib/defs/t'                 [ Not found ]
[01:14:11]   Checking for file '/usr/lib/defs/p'             [ Not found ]
[01:14:11]   Checking for file '/usr/lib/defs/q'             [ Not found ]
[01:14:11]   Checking for file '/usr/lib/defs/r'             [ Not found ]
[01:14:11]   Checking for file '/usr/lib/defs/s'             [ Not found ]
[01:14:11]   Checking for file '/usr/lib/defs/t'             [ Not found ]
[01:14:11]   Checking for file '/usr/lib/.libigno/pkunsec'   [ Not found ]
[01:14:11]   Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' [ Not found ]
[01:14:11]   Checking for directory '/usr/lib/.libigno'      [ Not found ]
[01:14:11]   Checking for directory '/usr/lib/.libigno/.igno' [ Not found ]
[01:14:11] ignoKit Rootkit                                   [ Not found ]
[01:14:11]
[01:14:11] Checking for ImperalsS-FBRK Rootkit...
[01:14:11]   Checking for directory '/dev/fd/.88'            [ Not found ]
[01:14:11]   Checking for directory '/dev/fd/.99'            [ Not found ]
[01:14:11] ImperalsS-FBRK Rootkit                            [ Not found ]
[01:14:11]
[01:14:11] Checking for IntoXonia-NG Rootkit...
[01:14:11]   Checking for kernel symbol 'funces'             [ Not found ]
[01:14:11]   Checking for kernel symbol 'ixinit'             [ Not found ]
[01:14:11]   Checking for kernel symbol 'tricks'             [ Not found ]
[01:14:11]   Checking for kernel symbol 'kernel_unlink'      [ Not found ]
[01:14:11]   Checking for kernel symbol 'rootme'             [ Not found ]
[01:14:12]   Checking for kernel symbol 'hide_module'        [ Not found ]
[01:14:12]   Checking for kernel symbol 'find_sys_call_tbl'  [ Not found ]
[01:14:12] IntoXonia-NG Rootkit                              [ Not found ]
[01:14:12]
[01:14:12] Checking for Irix Rootkit...
[01:14:12]   Checking for directory '/dev/pts/01'            [ Not found ]
[01:14:12]   Checking for directory '/dev/pts/01/backup'     [ Not found ]
[01:14:12]   Checking for directory '/dev/pts/01/etc'        [ Not found ]
[01:14:12]   Checking for directory '/dev/pts/01/tmp'        [ Not found ]
[01:14:12] Irix Rootkit                                      [ Not found ]
[01:14:12]
[01:14:12] Checking for Kitko Rootkit...
[01:14:12]   Checking for directory '/usr/src/redhat/SRPMS/...' [ Not found ]
[01:14:12] Kitko Rootkit                                     [ Not found ]
[01:14:12]
[01:14:12] Checking for Knark Rootkit...
[01:14:12]   Checking for file '/proc/knark/pids'            [ Not found ]
[01:14:12]   Checking for directory '/proc/knark'            [ Not found ]
[01:14:12] Knark Rootkit                                     [ Not found ]
[01:14:12]
[01:14:12] Checking for Li0n Worm...
[01:14:12]   Checking for file '/bin/in.telnetd'             [ Not found ]
[01:14:12]   Checking for file '/bin/mjy'                    [ Not found ]
[01:14:12]   Checking for file '/usr/man/man1/man1/lib/.lib/mjy' [ Not found ]
[01:14:12]   Checking for file '/usr/man/man1/man1/lib/.lib/in.telnetd' [ Not found ]
[01:14:12]   Checking for file '/usr/man/man1/man1/lib/.lib/.x' [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/1i0n.sh'  [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/hack.sh'  [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/bind'     [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/randb'    [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/scan.sh'  [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/pscan'    [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/star.sh'  [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/bindx.sh' [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/scan/bindname.log' [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/1i0n.sh'       [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/lib/netstat'   [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/lib/dev/.1addr' [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/lib/dev/.1logz' [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/lib/dev/.1proc' [ Not found ]
[01:14:12]   Checking for file '/dev/.lib/lib/lib/dev/.1file' [ Not found ]
[01:14:13] Li0n Worm                                         [ Not found ]
[01:14:13]
[01:14:13] Checking for Lockit / LJK2 Rootkit...
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_config' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key.pub' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_random_seed*' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/sshd_config' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backdoor/RK1bd' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/du' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ifconfig' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/inetd.conf' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/locate' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/login' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ls' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/netstat' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ps' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/pstree' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/rc.sysinit' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/syslogd' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/tcpd' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/top' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1sauber' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1wted' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1parser' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1sniff' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1addr' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1dir' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1log' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1proc' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/RK1phidemod.c' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/README.modules' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1hidem.c' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1phide' [ Not found ]
[01:14:13]   Checking for file '/usr/lib/libmen.oo/.LJK2/sshconfig/RK1ssh' [ Not found ]
[01:14:13]   Checking for directory '/usr/lib/libmen.oo/.LJK2' [ Not found ]
[01:14:13] Lockit / LJK2 Rootkit                             [ Not found ]
[01:14:13]
[01:14:13] Checking for Mood-NT Rootkit...
[01:14:13]   Checking for file '/sbin/init__mood-nt-_-_cthulhu' [ Not found ]
[01:14:13]   Checking for file '/_cthulhu/mood-nt.init'      [ Not found ]
[01:14:13]   Checking for file '/_cthulhu/mood-nt.conf'      [ Not found ]
[01:14:14]   Checking for file '/_cthulhu/mood-nt.sniff'     [ Not found ]
[01:14:14]   Checking for directory '/_cthulhu'              [ Not found ]
[01:14:14] Mood-NT Rootkit                                   [ Not found ]
[01:14:14]
[01:14:14] Checking for MRK Rootkit...
[01:14:14]   Checking for file '/dev/ida/.inet/pid'          [ Not found ]
[01:14:14]   Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ]
[01:14:14]   Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ]
[01:14:14]   Checking for file '/dev/ida/.inet/tcp.log'      [ Not found ]
[01:14:14]   Checking for directory '/dev/ida/.inet'         [ Not found ]
[01:14:14]   Checking for directory '/var/spool/cron/.sh'    [ Not found ]
[01:14:14] MRK Rootkit                                       [ Not found ]
[01:14:14]
[01:14:14] Checking for Ni0 Rootkit...
[01:14:14]   Checking for file '/var/lock/subsys/...datafile.../...net...' [ Not found ]
[01:14:14]   Checking for file '/var/lock/subsys/...datafile.../...port...' [ Not found ]
[01:14:14]   Checking for file '/var/lock/subsys/...datafile.../...ps...' [ Not found ]
[01:14:14]   Checking for file '/var/lock/subsys/...datafile.../...file...' [ Not found ]
[01:14:14]   Checking for directory '/tmp/waza'              [ Not found ]
[01:14:14]   Checking for directory '/var/lock/subsys/...datafile...' [ Not found ]
[01:14:14]   Checking for directory '/usr/sbin/es'           [ Not found ]
[01:14:14] Ni0 Rootkit                                       [ Not found ]
[01:14:14]

no_stress
Re: Possible security problems on my server from watchdog
« Reply #10 on: 30 April 2012, 01:41:02 »
[01:14:14] Checking for Ohhara Rootkit...
[01:14:14]   Checking for file '/var/lock/subsys/...datafile.../...datafile.../in.smbd.log' [ Not found ]
[01:14:14]   Checking for directory '/var/lock/subsys/...datafile...' [ Not found ]
[01:14:14]   Checking for directory '/var/lock/subsys/...datafile.../...datafile...' [ Not found ]
[01:14:14]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../bin' [ Not found ]
[01:14:14]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/bin' [ Not found ]
[01:14:14]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/sbin' [ Not found ]
[01:14:14]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../lib/security' [ Not found ]
[01:14:14] Ohhara Rootkit                                    [ Not found ]
[01:14:14]
[01:14:14] Checking for Optic Kit (Tux) Worm...
[01:14:14]   Checking for directory '/dev/tux'               [ Not found ]
[01:14:14]   Checking for directory '/usr/bin/xchk'          [ Not found ]
[01:14:14]   Checking for directory '/usr/bin/xsf'           [ Not found ]
[01:14:14]   Checking for directory '/usr/bin/ssh2d'         [ Not found ]
[01:14:14] Optic Kit (Tux) Worm                              [ Not found ]
[01:14:14]
[01:14:14] Checking for Oz Rootkit...
[01:14:14]   Checking for file '/dev/.oz/.nap/rkit/terror'   [ Not found ]
[01:14:14]   Checking for directory '/dev/.oz'               [ Not found ]
[01:14:14] Oz Rootkit                                        [ Not found ]
[01:14:15]
[01:14:15] Checking for Phalanx Rootkit...
[01:14:15]   Checking for file '/usr/share/.home.ph1/cb'     [ Not found ]
[01:14:15]   Checking for file '/etc/host.ph1'               [ Not found ]
[01:14:15]   Checking for file '/bin/host.ph1'               [ Not found ]
[01:14:15]   Checking for file '/usr/share/.home.ph1/phalanx' [ Not found ]
[01:14:15]   Checking for directory '/usr/share/.home.ph1'   [ Not found ]
[01:14:15] Phalanx Rootkit                                   [ Not found ]
[01:14:15]
[01:14:15] Checking for Phalanx Rootkit (strings)...
[01:14:15]   Checking for string 'phalanx'                   [ Not found ]
[01:14:15] Phalanx Rootkit (strings)                         [ Not found ]
[01:14:15]
[01:14:15] Checking for Phalanx2 Rootkit...
[01:14:15]   Checking for file '/etc/khubd.p2/.p2rc'         [ Not found ]
[01:14:15]   Checking for file '/etc/khubd.p2/.phalanx2'     [ Not found ]
[01:14:15]   Checking for file '/etc/khubd.p2/.sniff'        [ Not found ]
[01:14:15]   Checking for file '/etc/khubd.p2/sshgrab.py'    [ Not found ]
[01:14:15]   Checking for file '/etc/lolzz.p2/.p2rc'         [ Not found ]
[01:14:15]   Checking for file '/etc/lolzz.p2/.phalanx2'     [ Not found ]
[01:14:15]   Checking for file '/etc/lolzz.p2/.sniff'        [ Not found ]
[01:14:15]   Checking for file '/etc/lolzz.p2/sshgrab.py'    [ Not found ]
[01:14:15]   Checking for directory '/etc/khubd.p2'          [ Not found ]
[01:14:15]   Checking for directory '/etc/lolzz.p2'          [ Not found ]
[01:14:15] Phalanx2 Rootkit                                  [ Not found ]
[01:14:15]
[01:14:15] Checking for Phalanx2 Rootkit (extended tests)...
[01:14:15]   Checking for directory '/etc/khubd.p2'          [ Not found ]
[01:14:15]   Checking for directory '/etc/lolzz.p2'          [ Not found ]
[01:14:15] Phalanx2 Rootkit (extended tests)                 [ Not found ]
[01:14:15]
[01:14:15] Checking for Portacelo Rootkit...
[01:14:15]   Checking for file '/var/lib/.../.ak'            [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../.hk'            [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../.rs'            [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../.p'             [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../getty'          [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../lkt.o'          [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../show'           [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../nlkt.o'         [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../ssshrc'         [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../sssh_equiv'     [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../sssh_known_hosts' [ Not found ]
[01:14:15]   Checking for file '/var/lib/.../sssh_pid'       [ Not found ]
[01:14:15]   Checking for file '~/.sssh/known_hosts'         [ Not found ]
[01:14:16] Portacelo Rootkit                                 [ Not found ]
[01:14:16]
[01:14:16] Checking for R3dstorm Toolkit...
[01:14:16]   Checking for file '/var/log/tk02/see_all'       [ Not found ]
[01:14:16]   Checking for file '/bin/.../sshd/sbin/sshd1'    [ Not found ]
[01:14:16]   Checking for file '/bin/.../hate/sk'            [ Not found ]
[01:14:16]   Checking for file '/bin/.../see_all'            [ Not found ]
[01:14:16]   Checking for directory '/var/log/tk02'          [ Not found ]
[01:14:16]   Checking for directory '/var/log/tk02/old'      [ Not found ]
[01:14:16]   Checking for directory '/bin/...'               [ Not found ]
[01:14:16] R3dstorm Toolkit                                  [ Not found ]
[01:14:16]
[01:14:16] Checking for RH-Sharpe's Rootkit...
[01:14:16]   Checking for file '/bin/lps'                    [ Not found ]
[01:14:16]   Checking for file '/usr/bin/lpstree'            [ Not found ]
[01:14:16]   Checking for file '/usr/bin/ltop'               [ Not found ]
[01:14:16]   Checking for file '/usr/bin/lkillall'           [ Not found ]
[01:14:16]   Checking for file '/usr/bin/ldu'                [ Not found ]
[01:14:16]   Checking for file '/usr/bin/lnetstat'           [ Not found ]
[01:14:16]   Checking for file '/usr/bin/wp'                 [ Not found ]
[01:14:16]   Checking for file '/usr/bin/shad'               [ Not found ]
[01:14:16]   Checking for file '/usr/bin/vadim'              [ Not found ]
[01:14:16]   Checking for file '/usr/bin/slice'              [ Not found ]
[01:14:16]   Checking for file '/usr/bin/cleaner'            [ Not found ]
[01:14:16]   Checking for file '/usr/include/rpcsvc/du'      [ Not found ]
[01:14:16] RH-Sharpe's Rootkit                               [ Not found ]
[01:14:16]
[01:14:16] Checking for RSHA's Rootkit...
[01:14:16]   Checking for file '/bin/kr4p'                   [ Not found ]
[01:14:16]   Checking for file '/usr/bin/n3tstat'            [ Not found ]
[01:14:16]   Checking for file '/usr/bin/chsh2'              [ Not found ]
[01:14:16]   Checking for file '/usr/bin/slice2'             [ Not found ]
[01:14:16]   Checking for file '/usr/src/linux/arch/alpha/lib/.lib/.1proc' [ Not found ]
[01:14:16]   Checking for file '/etc/rc.d/arch/alpha/lib/.lib/.1addr' [ Not found ]
[01:14:16]   Checking for directory '/etc/rc.d/rsha'         [ Not found ]
[01:14:16]   Checking for directory '/etc/rc.d/arch/alpha/lib/.lib' [ Not found ]
[01:14:16] RSHA's Rootkit                                    [ Not found ]
[01:14:16]
[01:14:16] Checking for Scalper Worm...
[01:14:16]   Checking for file '/tmp/.a'                     [ Not found ]
[01:14:16]   Checking for file '/tmp/.uua'                   [ Not found ]
[01:14:16] Scalper Worm                                      [ Not found ]
[01:14:17]
[01:14:17] Checking for Sebek LKM...
[01:14:17]   Checking for kernel symbol 'adore or sebek'     [ Not found ]
[01:14:17] Sebek LKM                                         [ Not found ]
[01:14:17]
[01:14:17] Checking for Shutdown Rootkit...
[01:14:17]   Checking for file '/usr/man/man5/.. /.dir/scannah/asus' [ Not found ]
[01:14:17]   Checking for file '/usr/man/man5/.. /.dir/see'  [ Not found ]
[01:14:17]   Checking for file '/usr/man/man5/.. /.dir/nscd' [ Not found ]
[01:14:17]   Checking for file '/usr/man/man5/.. /.dir/alpd' [ Not found ]
[01:14:17]   Checking for file '/etc/rc.d/rc.local '         [ Not found ]
[01:14:17]   Checking for directory '/usr/man/man5/.. /.dir' [ Not found ]
[01:14:17]   Checking for directory '/usr/man/man5/.. /.dir/scannah' [ Not found ]
[01:14:17]   Checking for directory '/etc/rc.d/rc0.d/.. /.dir' [ Not found ]
[01:14:17] Shutdown Rootkit                                  [ Not found ]
[01:14:17]
[01:14:17] Checking for SHV4 Rootkit...
[01:14:17]   Checking for file '/etc/ld.so.hash'             [ Not found ]
[01:14:17]   Checking for file '/lib/libext-2.so.7'          [ Not found ]
[01:14:17]   Checking for file '/lib/lidps1.so'              [ Not found ]
[01:14:17]   Checking for file '/usr/sbin/xntps'             [ Not found ]
[01:14:17]   Checking for directory '/lib/security/.config'  [ Not found ]
[01:14:17]   Checking for directory '/lib/security/.config/ssh' [ Not found ]
[01:14:17] SHV4 Rootkit                                      [ Not found ]
[01:14:17]
[01:14:17] Checking for SHV5 Rootkit...
[01:14:17]   Checking for file '/etc/sh.conf'                [ Not found ]
[01:14:17]   Checking for file '/dev/srd0'                   [ Not found ]
[01:14:17]   Checking for directory '/usr/lib/libsh'         [ Not found ]
[01:14:17] SHV5 Rootkit                                      [ Not found ]
[01:14:18]
[01:14:18] Checking for Sin Rootkit...
[01:14:18]   Checking for file '/dev/.haos/haos1/.f/Denyed'  [ Not found ]
[01:14:18]   Checking for file '/dev/ttyoa'                  [ Not found ]
[01:14:18]   Checking for file '/dev/ttyof'                  [ Not found ]
[01:14:18]   Checking for file '/dev/ttyop'                  [ Not found ]
[01:14:18]   Checking for file '/dev/ttyos'                  [ Not found ]
[01:14:18]   Checking for file '/usr/lib/.lib'               [ Not found ]
[01:14:18]   Checking for file '/usr/lib/sn/.X'              [ Not found ]
[01:14:18]   Checking for file '/usr/lib/sn/.sys'            [ Not found ]
[01:14:18]   Checking for file '/usr/lib/ld/.X'              [ Not found ]
[01:14:18]   Checking for file '/usr/man/man1/...'           [ Not found ]
[01:14:18]   Checking for file '/usr/man/man1/.../.m'        [ Not found ]
[01:14:18]   Checking for file '/usr/man/man1/.../.w'        [ Not found ]
[01:14:18]   Checking for directory '/usr/lib/sn'            [ Not found ]
[01:14:18]   Checking for directory '/usr/lib/man1/...'      [ Not found ]
[01:14:18]   Checking for directory '/dev/.haos'             [ Not found ]
[01:14:18] Sin Rootkit                                       [ Not found ]
[01:14:18]

Offline no_stress

Re: Possible security problems on my server from watchdog
« Reply #11 on: 30 April 2012, 01:41:18 »
[01:14:18] Checking for Slapper Worm...
[01:14:18]   Checking for file '/tmp/.bugtraq'               [ Not found ]
[01:14:18]   Checking for file '/tmp/.uubugtraq'             [ Not found ]
[01:14:18]   Checking for file '/tmp/.bugtraq.c'             [ Not found ]
[01:14:18]   Checking for file '/tmp/httpd'                  [ Not found ]
[01:14:18]   Checking for file '/tmp/.unlock'                [ Not found ]
[01:14:18]   Checking for file '/tmp/update'                 [ Not found ]
[01:14:18]   Checking for file '/tmp/.cinik'                 [ Not found ]
[01:14:18]   Checking for file '/tmp/.b'                     [ Not found ]
[01:14:18] Slapper Worm                                      [ Not found ]
[01:14:18]
[01:14:18] Checking for Sneakin Rootkit...
[01:14:18]   Checking for directory '/tmp/.X11-unix/.../rk'  [ Not found ]
[01:14:18] Sneakin Rootkit                                   [ Not found ]
[01:14:18]
[01:14:18] Checking for Suckit Rootkit...
[01:14:18]   Checking for file '/sbin/initsk12'              [ Not found ]
[01:14:18]   Checking for file '/sbin/initxrk'               [ Not found ]
[01:14:18]   Checking for file '/usr/bin/null'               [ Not found ]
[01:14:18]   Checking for file '/usr/share/locale/sk/.sk12/sk' [ Not found ]
[01:14:18]   Checking for file '/etc/rc.d/rc0.d/S23kmdac'    [ Not found ]
[01:14:18]   Checking for file '/etc/rc.d/rc1.d/S23kmdac'    [ Not found ]
[01:14:18]   Checking for file '/etc/rc.d/rc2.d/S23kmdac'    [ Not found ]
[01:14:18]   Checking for file '/etc/rc.d/rc3.d/S23kmdac'    [ Not found ]
[01:14:19]   Checking for file '/etc/rc.d/rc4.d/S23kmdac'    [ Not found ]
[01:14:19]   Checking for file '/etc/rc.d/rc5.d/S23kmdac'    [ Not found ]
[01:14:19]   Checking for file '/etc/rc.d/rc6.d/S23kmdac'    [ Not found ]
[01:14:19]   Checking for directory '/dev/sdhu0/tehdrakg'    [ Not found ]
[01:14:19]   Checking for directory '/etc/.MG'               [ Not found ]
[01:14:19]   Checking for directory '/usr/share/locale/sk/.sk12' [ Not found ]
[01:14:19]   Checking for directory '/usr/lib/perl5/site_perl/i386-linux/auto/TimeDate/.packlist' [ Not found ]
[01:14:19] Suckit Rootkit                                    [ Not found ]
[01:14:19]
[01:14:19] Checking for SunOS Rootkit...
[01:14:19]   Checking for file '/etc/ld.so.hash'             [ Not found ]
[01:14:19]   Checking for file '/lib/libext-2.so.7'          [ Not found ]
[01:14:19]   Checking for file '/usr/bin/ssh2d'              [ Not found ]
[01:14:19]   Checking for file '/bin/xlogin'                 [ Not found ]
[01:14:19]   Checking for file '/usr/lib/crth.o'             [ Not found ]
[01:14:19]   Checking for file '/usr/lib/crtz.o'             [ Not found ]
[01:14:19]   Checking for file '/sbin/login'                 [ Not found ]
[01:14:19]   Checking for file '/lib/security/.config/sn'    [ Not found ]
[01:14:19]   Checking for file '/lib/security/.config/lpsched' [ Not found ]
[01:14:19]   Checking for file '/dev/kmod'                   [ Not found ]
[01:14:19]   Checking for file '/dev/dos'                    [ Not found ]
[01:14:19] SunOS Rootkit                                     [ Not found ]
[01:14:19]
[01:14:19] Checking for SunOS / NSDAP Rootkit...
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/.kit'    [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/defines' [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/patcher' [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/pg'      [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/cleaner' [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/utime'   [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/crypt'   [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/findkit' [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/sn2'     [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/sniffload' [ Not found ]
[01:14:19]   Checking for file '/usr/lib/vold/nsdap/runsniff' [ Not found ]
[01:14:19]   Checking for file '/usr/lib/lpset'              [ Not found ]
[01:14:19]   Checking for directory '/usr/lib/vold/nsdap'    [ Not found ]
[01:14:19] SunOS / NSDAP Rootkit                             [ Not found ]
[01:14:19]
[01:14:19] Checking for Superkit Rootkit...
[01:14:19]   Checking for file '/usr/man/.sman/sk'           [ Not found ]
[01:14:20] Superkit Rootkit                                  [ Not found ]
[01:14:20]
[01:14:20] Checking for TBD (Telnet BackDoor)...
[01:14:20]   Checking for file '/usr/lib/.tbd'               [ Not found ]
[01:14:20] TBD (Telnet BackDoor)                             [ Not found ]
[01:14:20]
[01:14:20] Checking for TeLeKiT Rootkit...
[01:14:20]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/sniff' [ Not found ]
[01:14:20]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/telnetd' [ Not found ]
[01:14:20]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/teleulo' [ Not found ]
[01:14:20]   Checking for file '/usr/man/man3/.../cl'        [ Not found ]
[01:14:20]   Checking for file '/dev/ptyr'                   [ Not found ]
[01:14:20]   Checking for file '/dev/ptyp'                   [ Not found ]
[01:14:20]   Checking for file '/dev/ptyq'                   [ Not found ]
[01:14:20]   Checking for file '/dev/hda06'                  [ Not found ]
[01:14:20]   Checking for file '/usr/info/libc1.so'          [ Not found ]
[01:14:20]   Checking for directory '/usr/man/man3/...'      [ Not found ]
[01:14:20]   Checking for directory '/usr/man/man3/.../lsniff' [ Not found ]
[01:14:20]   Checking for directory '/usr/man/man3/.../TeLeKiT' [ Not found ]
[01:14:20] TeLeKiT Rootkit                                   [ Not found ]
[01:14:20]
[01:14:20] Checking for T0rn Rootkit...
[01:14:20]   Checking for file '/dev/.lib/lib/lib/t0rns'     [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/du'        [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/ls'        [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/t0rnsb'    [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/ps'        [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/t0rnp'     [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/find'      [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/ifconfig'  [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/pg'        [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/ssh.tgz'   [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/top'       [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/sz'        [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/login'     [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/in.fingerd' [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/1i0n.sh'   [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/pstree'    [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/in.telnetd' [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/mjy'       [ Not found ]
[01:14:20]   Checking for file '/dev/.lib/lib/lib/sush'      [ Not found ]
[01:14:21]   Checking for file '/dev/.lib/lib/lib/tfn'       [ Not found ]
[01:14:21]   Checking for file '/dev/.lib/lib/lib/name'      [ Not found ]
[01:14:21]   Checking for file '/dev/.lib/lib/lib/getip.sh'  [ Not found ]
[01:14:21]   Checking for file '/usr/info/.torn/sh*'         [ Not found ]
[01:14:21]   Checking for file '/usr/src/.puta/.1addr'       [ Not found ]
[01:14:21]   Checking for file '/usr/src/.puta/.1file'       [ Not found ]
[01:14:21]   Checking for file '/usr/src/.puta/.1proc'       [ Not found ]
[01:14:21]   Checking for file '/usr/src/.puta/.1logz'       [ Not found ]
[01:14:21]   Checking for file '/usr/info/.t0rn'             [ Not found ]
[01:14:21]   Checking for directory '/dev/.lib'              [ Not found ]
[01:14:21]   Checking for directory '/dev/.lib/lib'          [ Not found ]
[01:14:21]   Checking for directory '/dev/.lib/lib/lib'      [ Not found ]
[01:14:21]   Checking for directory '/dev/.lib/lib/lib/dev'  [ Not found ]
[01:14:21]   Checking for directory '/dev/.lib/lib/scan'     [ Not found ]
[01:14:21]   Checking for directory '/usr/src/.puta'         [ Not found ]
[01:14:21]   Checking for directory '/usr/man/man1/man1'     [ Not found ]
[01:14:21]   Checking for directory '/usr/man/man1/man1/lib' [ Not found ]
[01:14:21]   Checking for directory '/usr/man/man1/man1/lib/.lib' [ Not found ]
[01:14:21]   Checking for directory '/usr/man/man1/man1/lib/.lib/.backup' [ Not found ]
[01:14:21] T0rn Rootkit                                      [ Not found ]
[01:14:21]
[01:14:21] Checking for Trojanit Kit...
[01:14:21]   Checking for file '/bin/.ls'                    [ Not found ]
[01:14:21]   Checking for file '/bin/.ps'                    [ Not found ]
[01:14:21]   Checking for file '/bin/.netstat'               [ Not found ]
[01:14:21]   Checking for file '/usr/bin/.nop'               [ Not found ]
[01:14:21]   Checking for file '/usr/bin/.who'               [ Not found ]
[01:14:21] Trojanit Kit                                      [ Not found ]
[01:14:21]
[01:14:21] Checking for Tuxtendo Rootkit...
[01:14:21]   Checking for file '/dev/tux/.addr'              [ Not found ]
[01:14:21]   Checking for file '/dev/tux/.cron'              [ Not found ]
[01:14:21]   Checking for file '/dev/tux/.file'              [ Not found ]
[01:14:21]   Checking for file '/dev/tux/.log'               [ Not found ]
[01:14:21]   Checking for file '/dev/tux/.proc'              [ Not found ]
[01:14:21]   Checking for file '/dev/tux/backup/crontab'     [ Not found ]
[01:14:21]   Checking for file '/dev/tux/backup/df'          [ Not found ]
[01:14:21]   Checking for file '/dev/tux/backup/dir'         [ Not found ]
[01:14:21]   Checking for file '/dev/tux/backup/find'        [ Not found ]
[01:14:21]   Checking for file '/dev/tux/backup/ifconfig'    [ Not found ]
[01:14:21]   Checking for file '/dev/tux/backup/locate'      [ Not found ]
[01:14:22]   Checking for file '/dev/tux/backup/netstat'     [ Not found ]
[01:14:22]   Checking for file '/dev/tux/backup/ps'          [ Not found ]
[01:14:22]   Checking for file '/dev/tux/backup/pstree'      [ Not found ]
[01:14:22]   Checking for file '/dev/tux/backup/syslogd'     [ Not found ]
[01:14:22]   Checking for file '/dev/tux/backup/tcpd'        [ Not found ]
[01:14:22]   Checking for file '/dev/tux/backup/top'         [ Not found ]
[01:14:22]   Checking for file '/dev/tux/backup/updatedb'    [ Not found ]
[01:14:22]   Checking for file '/dev/tux/backup/vdir'        [ Not found ]
[01:14:22]   Checking for directory '/dev/tux'               [ Not found ]
[01:14:22]   Checking for directory '/dev/tux/ssh2'          [ Not found ]
[01:14:22]   Checking for directory '/dev/tux/backup'        [ Not found ]
[01:14:22] Tuxtendo Rootkit                                  [ Not found ]
[01:14:22]
[01:14:22] Checking for URK Rootkit...
[01:14:22]   Checking for file '/usr/man/man1/xxxxxxbin/find' [ Not found ]
[01:14:22]   Checking for file '/usr/man/man1/xxxxxxbin/du'  [ Not found ]
[01:14:22]   Checking for file '/usr/man/man1/xxxxxxbin/ps'  [ Not found ]
[01:14:22]   Checking for file '/tmp/conf.inf'               [ Not found ]
[01:14:22]   Checking for directory '/usr/man/man1/xxxxxxbin' [ Not found ]
[01:14:22] URK Rootkit                                       [ Not found ]
[01:14:22]
[01:14:22] Checking for Vampire Rootkit...
[01:14:22]   Checking for kernel symbol 'new_getdents'       [ Not found ]
[01:14:22]   Checking for kernel symbol 'old_getdents'       [ Not found ]
[01:14:22]   Checking for kernel symbol 'should_hide_file_name' [ Not found ]
[01:14:22]   Checking for kernel symbol 'should_hide_task_name' [ Not found ]
[01:14:22] Vampire Rootkit                                   [ Not found ]
[01:14:22]
[01:14:22] Checking for VcKit Rootkit...
[01:14:22]   Checking for directory '/usr/include/linux/modules/lib.so' [ Not found ]
[01:14:22]   Checking for directory '/usr/include/linux/modules/lib.so/bin' [ Not found ]
[01:14:22] VcKit Rootkit                                     [ Not found ]
[01:14:22]
[01:14:22] Checking for Volc Rootkit...
[01:14:22]   Checking for directory '/var/spool/.recent'     [ Not found ]
[01:14:22]   Checking for directory '/var/spool/.recent/.files' [ Not found ]
[01:14:23]   Checking for directory '/usr/lib/volc'          [ Not found ]
[01:14:23]   Checking for directory '/usr/lib/volc/backup'   [ Not found ]
[01:14:23] Volc Rootkit                                      [ Not found ]
[01:14:23]
[01:14:23] Checking for X-Org SunOS Rootkit...
[01:14:23]   Checking for file '/usr/lib/libX.a/bin/tmpfl'   [ Not found ]
[01:14:23]   Checking for file '/usr/lib/libX.a/bin/rps'     [ Not found ]
[01:14:23]   Checking for file '/usr/bin/srload'             [ Not found ]
[01:14:23]   Checking for file '/usr/lib/libX.a/bin/sparcv7/rps' [ Not found ]
[01:14:23]   Checking for file '/usr/sbin/modcheck'          [ Not found ]
[01:14:23]   Checking for directory '/usr/lib/libX.a'        [ Not found ]
[01:14:23]   Checking for directory '/usr/lib/libX.a/bin'    [ Not found ]
[01:14:23]   Checking for directory '/usr/lib/libX.a/bin/sparcv7' [ Not found ]
[01:14:23]   Checking for directory '/usr/share/man...'      [ Not found ]
[01:14:23] X-Org SunOS Rootkit                               [ Not found ]
[01:14:23]
[01:14:23] Checking for zaRwT.KiT Rootkit...
[01:14:23]   Checking for file '/dev/rd/s/sendmeil'          [ Not found ]
[01:14:23]   Checking for file '/dev/ttyf'                   [ Not found ]
[01:14:23]   Checking for file '/dev/ttyp'                   [ Not found ]
[01:14:23]   Checking for file '/dev/ttyn'                   [ Not found ]
[01:14:23]   Checking for file '/rk/tulz'                    [ Not found ]
[01:14:23]   Checking for directory '/rk'                    [ Not found ]
[01:14:23]   Checking for directory '/dev/rd/s'              [ Not found ]
[01:14:23] zaRwT.KiT Rootkit                                 [ Not found ]
[01:14:23]
[01:14:23] Performing additional rootkit checks
[01:14:23] Info: Starting test name 'additional_rkts'
[01:14:23]
[01:14:23]   Performing Suckit Rookit additional checks
[01:14:23]     Checking hard link count on '/sbin/init'      [ OK ]
[01:14:23]     Checking for hidden file extensions           [ None found ]
[01:14:23]     Running skdet command                         [ Skipped ]
[01:14:23] Info: Unable to find the 'skdet' command
[01:14:23]   Suckit Rookit additional checks                 [ OK ]
[01:14:23]
[01:14:23]   Performing check of possible rootkit files and directories
[01:14:23] Info: Starting test name 'possible_rkt_files'
[01:14:23]     Checking for file '/dev/sdr0'                 [ Not found ]
[01:14:23]     Checking for file '/tmp/.syshackfile'         [ Not found ]
[01:14:23]     Checking for file '/tmp/.bash_history'        [ Not found ]
[01:14:23]     Checking for file '/usr/info/.clib'           [ Not found ]
[01:14:24]     Checking for file '/usr/sbin/tcp.log'         [ Not found ]
[01:14:24]     Checking for file '/usr/bin/take/pid'         [ Not found ]
[01:14:24]     Checking for file '/sbin/create'              [ Not found ]
[01:14:24]     Checking for file '/dev/ttypz'                [ Not found ]
[01:14:24]     Checking for directory '/usr/bin/take'        [ Not found ]
[01:14:24]     Checking for directory '/usr/src/.lib'        [ Not found ]
[01:14:24]     Checking for directory '/usr/share/man/man1/.1c' [ Not found ]
[01:14:24]     Checking for directory '/lib/lblip.tk'        [ Not found ]
[01:14:24]     Checking for directory '/usr/sbin/...'        [ Not found ]
[01:14:24]     Checking for directory '/usr/share/.gun'      [ Not found ]
[01:14:24]   Checking for possible rootkit files and directories [ None found ]
[01:14:24]
[01:14:24]   Performing check for possible rootkit strings
[01:14:24] Info: Starting test name 'possible_rkt_strings'
[01:14:24] Info: Using system startup paths: /etc/rc.d /etc/inittab
[01:14:24]     Checking for string '/dev/proc/fuckit'        [ Not found ]

Offline no_stress

Re: Possible security problems on my server from watchdog
« Reply #12 on: 30 April 2012, 01:41:30 »
[01:14:24]     Checking for string 'FUCK'                    [ Not found ]
[01:14:24]     Checking for string 'backdoor'                [ Not found ]
[01:14:24]     Checking for string 'vt200'                   [ Not found ]
[01:14:24]     Checking for string '/usr/bin/xstat'          [ Not found ]
[01:14:24]     Checking for string '/bin/envpc'              [ Not found ]
[01:14:24]     Checking for string 'L4m3r0x'                 [ Not found ]
[01:14:24]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:14:24]     Checking for string '/dev/ptyxx/.file'        [ Not found ]
[01:14:24]     Checking for string '/dev/sgk'                [ Not found ]
[01:14:24]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:14:24]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:14:24]     Checking for string '/dev/proc/fuckit'        [ Not found ]
[01:14:25]     Checking for string '/lib/.sso'               [ Not found ]
[01:14:25]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:14:25]     Checking for string '/dev/caca'               [ Not found ]
[01:14:25]     Checking for string '/dev/ttyoa'              [ Not found ]
[01:14:25]     Checking for string 'syg'                     [ Not found ]
[01:14:25]     Checking for string '/dev/pts/01'             [ Not found ]
[01:14:25]     Checking for string 'tw33dl3'                 [ Not found ]
[01:14:25]     Checking for string 'psniff'                  [ Not found ]
[01:14:25]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:14:25]     Checking for string '/dev/ptyxx'              [ Not found ]
[01:14:25]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:14:25]     Checking for string 'in.inetd'                [ Not found ]
[01:14:25]     Checking for string '#<HIDE_.*>'              [ Not found ]
[01:14:26]     Checking for string 'bin/xchk'                [ Not found ]
[01:14:26]     Checking for string 'bin/xsf'                 [ Not found ]
[01:14:26]   Checking for possible rootkit strings           [ None found ]
[01:14:26]
[01:14:26] Performing malware checks
[01:14:26] Info: Starting test name 'malware'
[01:14:26]
[01:14:26] Info: Test 'deleted_files' disabled at users request.
[01:14:26] Info: Starting test name 'running_procs'
[01:14:26]   Checking running processes for suspicious files [ None found ]
[01:14:26]
[01:14:26] Info: Test 'hidden_procs' disabled at users request.
[01:14:26]
[01:14:26] Info: Test 'suspscan' disabled at users request.
[01:14:26]
[01:14:26]   Performing check for login backdoors
[01:14:26] Info: Starting test name 'other_malware'
[01:14:26]     Checking for '/bin/.login'                    [ Not found ]
[01:14:26]     Checking for '/sbin/.login'                   [ Not found ]
[01:14:26]   Checking for login backdoors                    [ None found ]
[01:14:26]
[01:14:26]   Performing check for suspicious directories
[01:14:26]     Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ]
[01:14:26]     Checking for directory '/dev/rd/cdb'          [ Not found ]
[01:14:26]   Checking for suspicious directories             [ None found ]
[01:14:27]
[01:14:27]   Checking for software intrusions                [ Skipped ]
[01:14:27] Info: Check skipped - tripwire not installed
[01:14:27]
[01:14:27]   Performing check for sniffer log files
[01:14:27]     Checking for file '/usr/lib/libice.log'       [ Not found ]
[01:14:27]   Checking for sniffer log files                  [ None found ]
[01:14:27]
[01:14:27] Performing trojan specific checks
[01:14:27] Info: Starting test name 'trojans'
[01:14:27]   Checking for enabled inetd services             [ Skipped ]
[01:14:27] Info: Check skipped - file '/etc/inetd.conf' does not exist.
[01:14:27]
[01:14:27]   Performing check for enabled xinetd services
[01:14:27] Info: Using xinetd configuration file '/etc/xinetd.conf'
[01:14:27]     Checking '/etc/xinetd.conf' for enabled services [ None found ]
[01:14:27]       Found 'includedir /etc/xinetd.d' directive
[01:14:27]     Checking '/etc/xinetd.d/chargen-dgram' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/chargen-stream' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/daytime-dgram' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/daytime-stream' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/discard-dgram' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/discard-stream' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/echo-dgram' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/echo-stream' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/ftp_psa' for enabled services [ Warning ]
[01:14:27]     Checking '/etc/xinetd.d/poppassd_psa' for enabled services [ Warning ]
[01:14:27]     Checking '/etc/xinetd.d/rsync' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/smtp_psa' for enabled services [ Warning ]
[01:14:27]     Checking '/etc/xinetd.d/smtps_psa' for enabled services [ Warning ]
[01:14:27]     Checking '/etc/xinetd.d/tcpmux-server' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/time-dgram' for enabled services [ None found ]
[01:14:27]     Checking '/etc/xinetd.d/time-stream' for enabled services [ None found ]
[01:14:27]   Checking for enabled xinetd services            [ Warning ]
[01:14:27] Warning: Found enabled xinetd service: /etc/xinetd.d/ftp_psa
[01:14:27] Warning: Found enabled xinetd service: /etc/xinetd.d/poppassd_psa
[01:14:27] Warning: Found enabled xinetd service: /etc/xinetd.d/smtp_psa
[01:14:28] Warning: Found enabled xinetd service: /etc/xinetd.d/smtps_psa
[01:14:28]   Checking for Apache backdoor                    [ Not found ]
[01:14:28]
[01:14:28] Performing Linux specific checks
[01:14:28] Info: Starting test name 'os_specific'
[01:14:28]   Checking loaded kernel modules                  [ OK ]
[01:14:28] Info: Using modules pathname of '/lib/modules/2.6.32-220.7.1.el6.x86_64'
[01:14:28]   Checking kernel module names                    [ OK ]
[01:14:28]
[01:14:28] Checking the network...
[01:14:28] Info: Starting test name 'network'
[01:14:28] Info: Starting test name 'ports'
[01:14:28]
[01:14:28] Performing check for backdoor ports
[01:14:28]   Checking for TCP port 1524                      [ Not found ]
[01:14:28]   Checking for TCP port 1984                      [ Not found ]
[01:14:28]   Checking for UDP port 2001                      [ Not found ]
[01:14:28]   Checking for TCP port 2006                      [ Not found ]
[01:14:28]   Checking for TCP port 2128                      [ Not found ]
[01:14:28]   Checking for TCP port 6666                      [ Not found ]
[01:14:29]   Checking for TCP port 6667                      [ Not found ]
[01:14:29]   Checking for TCP port 6668                      [ Not found ]
[01:14:29]   Checking for TCP port 6669                      [ Not found ]
[01:14:29]   Checking for TCP port 7000                      [ Not found ]
[01:14:29]   Checking for TCP port 13000                     [ Not found ]
[01:14:29]   Checking for TCP port 14856                     [ Not found ]
[01:14:29]   Checking for TCP port 25000                     [ Not found ]
[01:14:29]   Checking for TCP port 29812                     [ Not found ]
[01:14:29]   Checking for TCP port 31337                     [ Not found ]
[01:14:29]   Checking for TCP port 32982                     [ Not found ]
[01:14:29]   Checking for TCP port 33369                     [ Not found ]
[01:14:30]   Checking for TCP port 47107                     [ Not found ]
[01:14:30]   Checking for TCP port 47018                     [ Not found ]
[01:14:30]   Checking for TCP port 60922                     [ Not found ]
[01:14:30]   Checking for TCP port 62883                     [ Not found ]
[01:14:30]   Checking for TCP port 65535                     [ Not found ]
[01:14:30]
[01:14:30] Performing checks on the network interfaces
[01:14:30] Info: Starting test name 'promisc'
[01:14:30]   Checking for promiscuous interfaces             [ None found ]
[01:14:30]
[01:14:30] Info: Test 'packet_cap_apps' disabled at users request.
[01:14:30]
[01:14:30] Checking the local host...
[01:14:30] Info: Starting test name 'local_host'
[01:14:30]
[01:14:30] Performing system boot checks
[01:14:30] Info: Starting test name 'startup_files'
[01:14:30]   Checking for local host name                    [ Found ]
[01:14:30] Info: Starting test name 'startup_malware'
[01:14:30]   Checking for system startup files               [ Found ]
[01:14:31]   Checking system startup files for malware       [ None found ]
[01:14:31]
[01:14:31] Performing group and account checks
[01:14:31] Info: Starting test name 'group_accounts'
[01:14:31]   Checking for passwd file                        [ Found ]
[01:14:31] Info: Found password file: /etc/passwd
[01:14:31]   Checking for root equivalent (UID 0) accounts   [ None found ]
[01:14:31] Info: Found shadow file: /etc/shadow
[01:14:31]   Checking for passwordless accounts              [ None found ]
[01:14:31] Info: Starting test name 'passwd_changes'
[01:14:31]   Checking for passwd file changes                [ None found ]
[01:14:31] Info: Starting test name 'group_changes'
[01:14:31]   Checking for group file changes                 [ None found ]
[01:14:31]   Checking root account shell history files       [ OK ]
[01:14:31]
[01:14:31] Performing system configuration file checks
[01:14:31] Info: Starting test name 'system_configs'
[01:14:31]   Checking for SSH configuration file             [ Found ]
[01:14:31] Info: Found SSH configuration file: /etc/ssh/sshd_config
[01:14:31] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'unset'.
[01:14:31] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'.
[01:14:31]   Checking if SSH root access is allowed          [ Warning ]
[01:14:31] Warning: The SSH and rkhunter configuration options should be the same:
[01:14:31]          SSH configuration option 'PermitRootLogin': no
[01:14:31]          Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': unset
[01:14:31]   Checking if SSH protocol v1 is allowed          [ Not allowed ]
[01:14:31]   Checking for running syslog daemon              [ Found ]
[01:14:31]   Checking for syslog configuration file          [ Found ]
[01:14:31] Info: Found syslog configuration file: /etc/rsyslog.conf
[01:14:31]   Checking if syslog remote logging is allowed    [ Not allowed ]
[01:14:31]
[01:14:31] Performing filesystem checks
[01:14:31] Info: Starting test name 'filesystem'
[01:14:31] Info: SCAN_MODE_DEV set to 'THOROUGH'
[01:14:32]   Checking /dev for suspicious file types         [ None found ]
[01:14:32]   Checking for hidden files and directories       [ Warning ]
[01:14:32] Warning: Hidden directory found: /dev/.udev
[01:14:32] Warning: Hidden file found: /etc/.php.ini.swo: Vim swap file, version 7.2
[01:14:32] Warning: Hidden file found: /etc/.resolv.conf.swj: Vim swap file, version 7.2
[01:14:32] Warning: Hidden file found: /etc/.resolv.conf.swk: Vim swap file, version 7.2
[01:14:32] Warning: Hidden file found: /etc/.resolv.conf.swl: Vim swap file, version 7.2
[01:14:32] Warning: Hidden file found: /etc/.resolv.conf.swn: Vim swap file, version 7.2
[01:14:32] Warning: Hidden file found: /etc/.resolv.conf.swo: Vim swap file, version 7.2
[01:14:32] Warning: Hidden file found: /etc/.resolv.conf.swp: Vim swap file, version 7.2
[01:14:32] Warning: Hidden file found: /usr/share/man/man1/..1.gz: gzip compressed data, from Unix, max compression
[01:14:32] Warning: Hidden file found: /usr/share/man/man5/.k5login.5.gz: gzip compressed data, from Unix, max compression
[01:14:32] Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
[01:14:32] Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
[01:14:32] Warning: Hidden file found: /usr/sbin/.ipsec.hmac: ASCII text
[01:14:32] Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
[01:14:32]
[01:14:32] Checking application versions...
[01:14:32] Info: Starting test name 'apps'
[01:14:32] Info: Application 'exim' not found.
[01:14:32]   Checking version of GnuPG                       [ OK ]
[01:14:33] Info: Application 'gpg' version '2.0.14' found.
[01:14:33]   Checking version of Apache                      [ Warning ]
[01:14:33] Warning: Application 'httpd', version '2.2.15', is out of date, and possibly a security risk.
[01:14:33]   Checking version of Bind DNS                    [ OK ]
[01:14:33] Info: Application 'named' version '9.7.3' found.
[01:14:33]   Checking version of OpenSSL                     [ Warning ]
[01:14:33] Warning: Application 'openssl', version '0.9.7k', is out of date, and possibly a security risk.
[01:14:33]   Checking version of PHP                         [ OK ]
[01:14:33] Info: Application 'php' version '5.3.3' found.
[01:14:33]   Checking version of Procmail MTA                [ OK ]
[01:14:33] Info: Application 'procmail' version '3.22' found.
[01:14:33]   Checking version of ProFTPd                     [ Skipped ]
[01:14:33] Info: Unable to obtain version number for 'proftpd': version option gives: ProFTPD Version 1.3.3e
[01:14:33]   Checking version of OpenSSH                     [ OK ]
[01:14:33] Info: Application 'sshd' version '5.3p1' found.
[01:14:33] Info: Applications checked: 8 out of 9
[01:14:33]
[01:14:33] System checks summary
[01:14:33] =====================
[01:14:33]
[01:14:33] File properties checks...
[01:14:33] Files checked: 121
[01:14:33] Suspect files: 0
[01:14:33]
[01:14:33] Rootkit checks...
[01:14:33] Rootkits checked : 111
[01:14:33] Possible rootkits: 0
[01:14:33]
[01:14:33] Applications checks...
[01:14:33] Applications checked: 8
[01:14:33] Suspect applications: 2
[01:14:33]
[01:14:33] The system checks took: 52 seconds

Offline no_stress

  • Jr. Member
  • **
  • Posts: 44
    • View profile
Re: Possible security problems on my server from watchdog
« Reply #13 on: 30 April 2012, 01:42:14 »
Do you notice anything strange, and do you know how I can fix it? I apologize for posting all these posts...

Offline smeserver

  • Hero Member
  • *****
  • Posts: 1313
    • View profile
Re: Possible security problems on my server from watchdog
« Reply #14 on: 30 April 2012, 09:30:54 »
No.

Next time, use the "code" tag to put everything in a single post.

Another suggestion: rkhunter is known to be prone to false positives, so always take its results with a grain of salt.
Your server is unlikely to be compromised if you keep it up to date and, if you expose web applications, they are written sensibly, kept up to date and given correct permissions... 777 is bad.
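
Added example, not part of the thread and not rkhunter's own code: a small Python triage pass over a log in this format, which joins multi-line warnings and sorts them into buckets so that anything no rule explains stands out. The rule set, bucket names and next-step hints are assumptions of this example, and the sample log is constructed from lines of the scan above plus one invented final entry.

```python
import re

# Constructed sample in the shape of the scan log above; the last entry is invented.
SAMPLE_LOG = """\
[01:14:27] Warning: Found enabled xinetd service: /etc/xinetd.d/ftp_psa
[01:14:31]   Checking if SSH root access is allowed          [ Warning ]
[01:14:31] Warning: The SSH and rkhunter configuration options should be the same:
[01:14:31]          SSH configuration option 'PermitRootLogin': no
[01:14:31]          Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': unset
[01:14:32] Warning: Hidden file found: /etc/.resolv.conf.swp: Vim swap file, version 7.2
[01:14:32] Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
[01:14:33] Warning: Application 'httpd', version '2.2.15', is out of date, and possibly a security risk.
[01:14:34] Warning: Hidden file found: /var/tmp/.cache/run: ELF 64-bit LSB executable
"""
# Triage rules are this example's assumptions, not rkhunter's: (bucket, pattern, next step).
RULES = [
    ("xinetd-service", r"Found enabled xinetd service: \S+", "confirm the service is meant to run"),
    ("ssh-config-mismatch", r"SSH and rkhunter configuration options", "set ALLOW_SSH_ROOT_USER to match sshd_config"),
    ("editor-swap-file", r"Hidden file found: \S+: Vim swap file", "stale editor session; check, then delete"),
    ("hmac-checksum", r"Hidden file found: \S+\.hmac: ASCII text", "find the owning package with rpm -qf"),
    ("app-version", r"Application '[^']+', version '[^']+', is out of date", "compare with the distro package changelog"),
]
DEFAULT = ("unclassified", "review by hand first")
LINE = re.compile(r"^\[\d\d:\d\d:\d\d\] ?(.*)$")

def parse_warnings(log):
    """Return each warning as one string, with indented continuation lines joined."""
    warnings, current = [], None
    for raw in log.splitlines():
        m = LINE.match(raw)
        rest = m.group(1) if m else ""
        if rest.startswith("Warning: "):
            current = [rest[len("Warning: "):]]
            warnings.append(current)
        elif current is not None and rest.startswith(" " * 8):
            current.append(rest.strip())   # detail line belonging to the open warning
        else:
            current = None                 # any other line closes the warning
    return [" ".join(w) for w in warnings]

def triage(log):
    """Return (bucket, next_step, warning) per warning; unmatched ones are 'unclassified'."""
    out = []
    for msg in parse_warnings(log):
        hit = next(((n, h) for n, pat, h in RULES if re.search(pat, msg)), DEFAULT)
        out.append((*hit, msg))
    return out

if __name__ == "__main__": print(*triage(SAMPLE_LOG), sep="\n")
```

A bucket name is only a sorting aid: each hint still has to be carried out on the host before the warning is whitelisted in rkhunter.conf.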