Aiutamici Forum

antirootkit for ubuntu
adamerca
Posted: Saturday, December 27, 2008 1:54:41 PM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502
Good morning everyone, circumstances beyond my control prevented me from wishing
a merry Christmas to all of you friends of the forum. Now, while wishing you a happy
and prosperous new year, I take the opportunity to ask for your guidance on the following:
out of curiosity I installed "chkrootkit and rkhunter" with the command
sudo apt-get install chkrootkit rkhunter
Then I started it with: sudo chkrootkit and scanned with: sudo rkhunter -c
I got a very long list with almost everything OK except for:
/usr/bin/perl [ Warning ] ... and:
Checking application versions...

Checking version of Exim MTA [ OK ]
Checking version of GnuPG [ OK ]
Checking version of OpenSSL [ OK ]


System checks summary
=====================

File properties checks...
Files checked: 122
Suspect files: 0

Rootkit checks...
Rootkits checked : 109
Possible rootkits: 0

Applications checks...
Applications checked: 3
Suspect applications: 0

The system checks took: 1 minute and 15 seconds

All results have been written to the logfile (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)

adamerca@adamerca-desktop:~$

Now, in /var/log/rkhunter.log there are two folders with this name, with a red dot and an X, and if I try to open them to see the contents I am told that I do not have sufficient permissions to open the file.
Any suggestions on what to do??? Thanks to all.

liv3llo0
Posted: Saturday, December 27, 2008 10:48:26 PM

Rank: AiutAmico

Joined: 8/30/2008
Posts: 166
You need to acquire root privileges to read those files:
sudo cat /var/log/rkhunter.log
monsee
Posted: Sunday, December 28, 2008 1:37:31 AM
Rank: AiutAmico

Joined: 4/5/2005
Posts: 22,971
In any case, it seems to me that NO rootkit was detected on your system...
adamerca
Posted: Sunday, December 28, 2008 8:44:48 AM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502
monsee, liv3llo0, thank you, prompt as always... I have opened the folders. Thanks!
Just to be extra careful I am attaching the log (apologies if it is long)... if you could confirm
that everything is OK, I would be very grateful.
Thanks again and Happy New Year to all.
[13:28:41] Checking for file '/usr/bin/lkillall' [ Not found ]
[13:28:41] Checking for file '/usr/bin/ldu' [ Not found ]
[13:28:41] Checking for file '/usr/bin/lnetstat' [ Not found ]
[13:28:41] Checking for file '/usr/bin/wp' [ Not found ]
[13:28:41] Checking for file '/usr/bin/shad' [ Not found ]
[13:28:41] Checking for file '/usr/bin/vadim' [ Not found ]
[13:28:41] Checking for file '/usr/bin/slice' [ Not found ]
[13:28:41] Checking for file '/usr/bin/cleaner' [ Not found ]
[13:28:41] Checking for file '/usr/include/rpcsvc/du' [ Not found ]
[13:28:41] RH-Sharpe's Rootkit [ Not found ]
[13:28:41]
[13:28:41] Checking for RSHA's Rootkit...
[13:28:41] Checking for file '/bin/kr4p' [ Not found ]
[13:28:41] Checking for file '/usr/bin/n3tstat' [ Not found ]
[13:28:42] Checking for file '/usr/bin/chsh2' [ Not found ]
[13:28:42] Checking for file '/usr/bin/slice2' [ Not found ]
[13:28:42] Checking for file '/usr/src/linux/arch/alpha/lib/.lib/.1proc' [ Not found ]
[13:28:42] Checking for file '/etc/rc.d/arch/alpha/lib/.lib/.1addr' [ Not found ]
[13:28:42] Checking for directory '/etc/rc.d/rsha' [ Not found ]
[13:28:42] Checking for directory '/etc/rc.d/arch/alpha/lib/.lib' [ Not found ]
[13:28:42] RSHA's Rootkit [ Not found ]
[13:28:42]
[13:28:42] Checking for Scalper Worm...
[13:28:42] Checking for file '/tmp/.a' [ Not found ]
[13:28:42] Checking for file '/tmp/.uua' [ Not found ]
[13:28:42] Scalper Worm [ Not found ]
[13:28:42]
[13:28:42] Checking for Sebek LKM...
[13:28:42] Checking for kernel symbol 'adore or sebek' [ Not found ]
[13:28:42] Sebek LKM [ Not found ]
[13:28:42]
[13:28:42] Checking for Shutdown Rootkit...
[13:28:42] Checking for file '/usr/man/man5/.. /.dir/scannah/asus' [ Not found ]
[13:28:42] Checking for file '/usr/man/man5/.. /.dir/see' [ Not found ]
[13:28:42] Checking for file '/usr/man/man5/.. /.dir/nscd' [ Not found ]
[13:28:42] Checking for file '/usr/man/man5/.. /.dir/alpd' [ Not found ]
[13:28:42] Checking for file '/etc/rc.d/rc.local ' [ Not found ]
[13:28:42] Checking for directory '/usr/man/man5/.. /.dir' [ Not found ]
[13:28:42] Checking for directory '/usr/man/man5/.. /.dir/scannah' [ Not found ]
[13:28:42] Checking for directory '/etc/rc.d/rc0.d/.. /.dir' [ Not found ]
[13:28:42] Shutdown Rootkit [ Not found ]
[13:28:42]
[13:28:42] Checking for SHV4 Rootkit...
[13:28:42] Checking for file '/etc/ld.so.hash' [ Not found ]
[13:28:43] Checking for file '/lib/libext-2.so.7' [ Not found ]
[13:28:43] Checking for file '/lib/lidps1.so' [ Not found ]
[13:28:43] Checking for file '/usr/sbin/xntps' [ Not found ]
[13:28:43] Checking for directory '/lib/security/.config' [ Not found ]
[13:28:43] Checking for directory '/lib/security/.config/ssh' [ Not found ]
[13:28:43] SHV4 Rootkit [ Not found ]
[13:28:43]
[13:28:43] Checking for SHV5 Rootkit...
[13:28:43] Checking for file '/etc/sh.conf' [ Not found ]
[13:28:43] Checking for file '/dev/srd0' [ Not found ]
[13:28:43] Checking for directory '/usr/lib/libsh' [ Not found ]
[13:28:43] SHV5 Rootkit [ Not found ]
[13:28:43]
[13:28:43] Checking for Sin Rootkit...
[13:28:43] Checking for file '/dev/.haos/haos1/.f/Denyed' [ Not found ]
[13:28:43] Checking for file '/dev/ttyoa' [ Not found ]
[13:28:43] Checking for file '/dev/ttyof' [ Not found ]
[13:28:43] Checking for file '/dev/ttyop' [ Not found ]
[13:28:43] Checking for file '/dev/ttyos' [ Not found ]
[13:28:43] Checking for file '/usr/lib/.lib' [ Not found ]
[13:28:43] Checking for file '/usr/lib/sn/.X' [ Not found ]
[13:28:43] Checking for file '/usr/lib/sn/.sys' [ Not found ]
[13:28:43] Checking for file '/usr/lib/ld/.X' [ Not found ]
[13:28:43] Checking for file '/usr/man/man1/...' [ Not found ]
[13:28:43] Checking for file '/usr/man/man1/.../.m' [ Not found ]
[13:28:43] Checking for file '/usr/man/man1/.../.w' [ Not found ]
[13:28:43] Checking for directory '/usr/lib/sn' [ Not found ]
[13:28:43] Checking for directory '/usr/lib/man1/...' [ Not found ]
[13:28:43] Checking for directory '/dev/.haos' [ Not found ]
[13:28:43] Sin Rootkit [ Not found ]
[13:28:43]
[13:28:43] Checking for Slapper Worm...
[13:28:43] Checking for file '/tmp/.bugtraq' [ Not found ]
[13:28:43] Checking for file '/tmp/.uubugtraq' [ Not found ]
[13:28:43] Checking for file '/tmp/.bugtraq.c' [ Not found ]
[13:28:43] Checking for file '/tmp/httpd' [ Not found ]
[13:28:43] Checking for file '/tmp/.unlock' [ Not found ]
[13:28:43] Checking for file '/tmp/update' [ Not found ]
[13:28:43] Checking for file '/tmp/.cinik' [ Not found ]
[13:28:43] Checking for file '/tmp/.b' [ Not found ]
[13:28:43] Slapper Worm [ Not found ]
[13:28:43]
[13:28:43] Checking for Sneakin Rootkit...
[13:28:43] Checking for directory '/tmp/.X11-unix/.../rk' [ Not found ]
[13:28:44] Sneakin Rootkit [ Not found ]
[13:28:44]
[13:28:44] Checking for Suckit Rootkit...
[13:28:44] Checking for file '/sbin/initsk12' [ Not found ]
[13:28:44] Checking for file '/sbin/initxrk' [ Not found ]
[13:28:44] Checking for file '/usr/bin/null' [ Not found ]
[13:28:44] Checking for file '/usr/share/locale/sk/.sk12/sk' [ Not found ]
[13:28:44] Checking for file '/etc/rc.d/rc0.d/S23kmdac' [ Not found ]
[13:28:44] Checking for file '/etc/rc.d/rc1.d/S23kmdac' [ Not found ]
[13:28:44] Checking for file '/etc/rc.d/rc2.d/S23kmdac' [ Not found ]
[13:28:44] Checking for file '/etc/rc.d/rc3.d/S23kmdac' [ Not found ]
[13:28:44] Checking for file '/etc/rc.d/rc4.d/S23kmdac' [ Not found ]
[13:28:44] Checking for file '/etc/rc.d/rc5.d/S23kmdac' [ Not found ]
[13:28:44] Checking for file '/etc/rc.d/rc6.d/S23kmdac' [ Not found ]
[13:28:44] Checking for directory '/dev/sdhu0/tehdrakg' [ Not found ]
[13:28:44] Checking for directory '/etc/.MG' [ Not found ]
[13:28:44] Checking for directory '/usr/share/locale/sk/.sk12' [ Not found ]
[13:28:44] Checking for directory '/usr/lib/perl5/site_perl/i386-linux/auto/TimeDate/.packlist' [ Not found ]
[13:28:44] Suckit Rootkit [ Not found ]
[13:28:44]
[13:28:44] Checking for SunOS Rootkit...
[13:28:44] Checking for file '/etc/ld.so.hash' [ Not found ]
[13:28:44] Checking for file '/lib/libext-2.so.7' [ Not found ]
[13:28:44] Checking for file '/usr/bin/ssh2d' [ Not found ]
[13:28:44] Checking for file '/bin/xlogin' [ Not found ]
[13:28:44] Checking for file '/usr/lib/crth.o' [ Not found ]
[13:28:44] Checking for file '/usr/lib/crtz.o' [ Not found ]
[13:28:44] Checking for file '/sbin/login' [ Not found ]
[13:28:44] Checking for file '/lib/security/.config/sn' [ Not found ]
[13:28:44] Checking for file '/lib/security/.config/lpsched' [ Not found ]
[13:28:44] Checking for file '/dev/kmod' [ Not found ]
[13:28:44] Checking for file '/dev/dos' [ Not found ]
[13:28:44] SunOS Rootkit [ Not found ]
[13:28:44]
[13:28:44] Checking for SunOS / NSDAP Rootkit...
[13:28:44] Checking for file '/usr/lib/vold/nsdap/.kit' [ Not found ]
[13:28:44] Checking for file '/usr/lib/vold/nsdap/defines' [ Not found ]
[13:28:44] Checking for file '/usr/lib/vold/nsdap/patcher' [ Not found ]
[13:28:44] Checking for file '/usr/lib/vold/nsdap/pg' [ Not found ]
[13:28:44] Checking for file '/usr/lib/vold/nsdap/cleaner' [ Not found ]
[13:28:44] Checking for file '/usr/lib/vold/nsdap/utime' [ Not found ]
[13:28:44] Checking for file '/usr/lib/vold/nsdap/crypt' [ Not found ]
[13:28:44] Checking for file '/usr/lib/vold/nsdap/findkit' [ Not found ]
[13:28:44] Checking for file '/usr/lib/vold/nsdap/sn2' [ Not found ]
[13:28:45] Checking for file '/usr/lib/vold/nsdap/sniffload' [ Not found ]
[13:28:45] Checking for file '/usr/lib/vold/nsdap/runsniff' [ Not found ]
[13:28:45] Checking for file '/usr/lib/lpset' [ Not found ]
[13:28:45] Checking for directory '/usr/lib/vold/nsdap' [ Not found ]
[13:28:45] SunOS / NSDAP Rootkit [ Not found ]
[13:28:45]
[13:28:45] Checking for Superkit Rootkit...
[13:28:45] Checking for file '/usr/man/.sman/sk' [ Not found ]
[13:28:45] Superkit Rootkit [ Not found ]
[13:28:45]
[13:28:45] Checking for TBD (Telnet BackDoor)...
[13:28:45] Checking for file '/usr/lib/.tbd' [ Not found ]
[13:28:45] TBD (Telnet BackDoor) [ Not found ]
[13:28:45]
[13:28:45] Checking for TeLeKiT Rootkit...
[13:28:45] Checking for file '/usr/man/man3/.../TeLeKiT/bin/sniff' [ Not found ]
[13:28:45] Checking for file '/usr/man/man3/.../TeLeKiT/bin/telnetd' [ Not found ]
[13:28:45] Checking for file '/usr/man/man3/.../TeLeKiT/bin/teleulo' [ Not found ]
[13:28:45] Checking for file '/usr/man/man3/.../cl' [ Not found ]
[13:28:45] Checking for file '/dev/ptyr' [ Not found ]
[13:28:45] Checking for file '/dev/ptyp' [ Not found ]
[13:28:45] Checking for file '/dev/ptyq' [ Not found ]
[13:28:45] Checking for file '/dev/hda06' [ Not found ]
[13:28:45] Checking for file '/usr/info/libc1.so' [ Not found ]
[13:28:45] Checking for directory '/usr/man/man3/...' [ Not found ]
[13:28:45] Checking for directory '/usr/man/man3/.../lsniff' [ Not found ]
[13:28:45] Checking for directory '/usr/man/man3/.../TeLeKiT' [ Not found ]
[13:28:45] TeLeKiT Rootkit [ Not found ]
[13:28:45]
[13:28:45] Checking for T0rn Rootkit...
[13:28:45] Checking for file '/dev/.lib/lib/lib/t0rns' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/du' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/ls' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/t0rnsb' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/ps' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/t0rnp' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/find' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/ifconfig' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/pg' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/ssh.tgz' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/top' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/sz' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/login' [ Not found ]
[13:28:45] Checking for file '/dev/.lib/lib/lib/in.fingerd' [ Not found ]
[13:28:46] Checking for file '/dev/.lib/lib/lib/1i0n.sh' [ Not found ]
[13:28:46] Checking for file '/dev/.lib/lib/lib/pstree' [ Not found ]
[13:28:46] Checking for file '/dev/.lib/lib/lib/in.telnetd' [ Not found ]
[13:28:46] Checking for file '/dev/.lib/lib/lib/mjy' [ Not found ]
[13:28:46] Checking for file '/dev/.lib/lib/lib/sush' [ Not found ]
[13:28:46] Checking for file '/dev/.lib/lib/lib/tfn' [ Not found ]
[13:28:46] Checking for file '/dev/.lib/lib/lib/name' [ Not found ]
[13:28:46] Checking for file '/dev/.lib/lib/lib/getip.sh' [ Not found ]
[13:28:46] Checking for file '/usr/info/.torn/sh*' [ Not found ]
[13:28:46] Checking for file '/usr/src/.puta/.1addr' [ Not found ]
[13:28:46] Checking for file '/usr/src/.puta/.1file' [ Not found ]
[13:28:46] Checking for file '/usr/src/.puta/.1proc' [ Not found ]
[13:28:46] Checking for file '/usr/src/.puta/.1logz' [ Not found ]
[13:28:46] Checking for file '/usr/info/.t0rn' [ Not found ]
[13:28:46] Checking for directory '/dev/.lib' [ Not found ]
[13:28:46] Checking for directory '/dev/.lib/lib' [ Not found ]
[13:28:46] Checking for directory '/dev/.lib/lib/lib' [ Not found ]
[13:28:46] Checking for directory '/dev/.lib/lib/lib/dev' [ Not found ]
[13:28:46] Checking for directory '/dev/.lib/lib/scan' [ Not found ]
[13:28:46] Checking for directory '/usr/src/.puta' [ Not found ]
[13:28:46] Checking for directory '/usr/man/man1/man1' [ Not found ]
[13:28:46] Checking for directory '/usr/man/man1/man1/lib' [ Not found ]
[13:28:46] Checking for directory '/usr/man/man1/man1/lib/.lib' [ Not found ]
[13:28:46] Checking for directory '/usr/man/man1/man1/lib/.lib/.backup' [ Not found ]
[13:28:46] T0rn Rootkit [ Not found ]
[13:28:46]
[13:28:46] Checking for Trojanit Kit...
[13:28:46] Checking for file '/bin/.ls' [ Not found ]
[13:28:46] Checking for file '/bin/.ps' [ Not found ]
[13:28:46] Checking for file '/bin/.netstat' [ Not found ]
[13:28:46] Checking for file '/usr/bin/.nop' [ Not found ]
[13:28:46] Checking for file '/usr/bin/.who' [ Not found ]
[13:28:46] Trojanit Kit [ Not found ]
[13:28:46]
[13:28:46] Checking for Tuxtendo Rootkit...
[13:28:46] Checking for file '/dev/tux/.addr' [ Not found ]
[13:28:46] Checking for file '/dev/tux/.cron' [ Not found ]
[13:28:46] Checking for file '/dev/tux/.file' [ Not found ]
[13:28:46] Checking for file '/dev/tux/.log' [ Not found ]
[13:28:46] Checking for file '/dev/tux/.proc' [ Not found ]
[13:28:46] Checking for file '/dev/tux/backup/crontab' [ Not found ]
[13:28:46] Checking for file '/dev/tux/backup/df' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/dir' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/find' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/ifconfig' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/locate' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/netstat' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/ps' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/pstree' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/syslogd' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/tcpd' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/top' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/updatedb' [ Not found ]
[13:28:47] Checking for file '/dev/tux/backup/vdir' [ Not found ]
[13:28:47] Checking for directory '/dev/tux' [ Not found ]
[13:28:47] Checking for directory '/dev/tux/ssh2' [ Not found ]
[13:28:47] Checking for directory '/dev/tux/backup' [ Not found ]
[13:28:47] Tuxtendo Rootkit [ Not found ]
[13:28:47]
[13:28:47] Checking for URK Rootkit...
[13:28:47] Checking for file '/usr/man/man1/xxxxxxbin/find' [ Not found ]
[13:28:47] Checking for file '/usr/man/man1/xxxxxxbin/du' [ Not found ]
[13:28:47] Checking for file '/usr/man/man1/xxxxxxbin/ps' [ Not found ]
[13:28:47] Checking for file '/tmp/conf.inf' [ Not found ]
[13:28:47] Checking for directory '/usr/man/man1/xxxxxxbin' [ Not found ]
[13:28:47] URK Rootkit [ Not found ]
[13:28:47]
[13:28:47] Checking for VcKit Rootkit...
[13:28:47] Checking for directory '/usr/include/linux/modules/lib.so' [ Not found ]
[13:28:47] Checking for directory '/usr/include/linux/modules/lib.so/bin' [ Not found ]
[13:28:47] VcKit Rootkit [ Not found ]
[13:28:47]
[13:28:47] Checking for Volc Rootkit...
[13:28:47] Checking for directory '/var/spool/.recent' [ Not found ]
[13:28:47] Checking for directory '/var/spool/.recent/.files' [ Not found ]
[13:28:47] Checking for directory '/usr/lib/volc' [ Not found ]
[13:28:47] Checking for directory '/usr/lib/volc/backup' [ Not found ]
[13:28:47] Volc Rootkit [ Not found ]
[13:28:47]
[13:28:47] Checking for X-Org SunOS Rootkit...
[13:28:47] Checking for file '/usr/lib/libX.a/bin/tmpfl' [ Not found ]
[13:28:47] Checking for file '/usr/lib/libX.a/bin/rps' [ Not found ]
[13:28:47] Checking for file '/usr/bin/srload' [ Not found ]
[13:28:47] Checking for file '/usr/lib/libX.a/bin/sparcv7/rps' [ Not found ]
[13:28:47] Checking for file '/usr/sbin/modcheck' [ Not found ]
[13:28:47] Checking for directory '/usr/lib/libX.a' [ Not found ]
[13:28:48] Checking for directory '/usr/lib/libX.a/bin' [ Not found ]
[13:28:48] Checking for directory '/usr/lib/libX.a/bin/sparcv7' [ Not found ]
[13:28:48] Checking for directory '/usr/share/man...' [ Not found ]
[13:28:48] X-Org SunOS Rootkit [ Not found ]
[13:28:48]
[13:28:48] Checking for zaRwT.KiT Rootkit...
[13:28:48] Checking for file '/dev/rd/s/sendmeil' [ Not found ]
[13:28:48] Checking for file '/dev/ttyf' [ Not found ]
[13:28:48] Checking for file '/dev/ttyp' [ Not found ]
[13:28:48] Checking for file '/dev/ttyn' [ Not found ]
[13:28:48] Checking for file '/rk/tulz' [ Not found ]
[13:28:48] Checking for directory '/rk' [ Not found ]
[13:28:48] Checking for directory '/dev/rd/s' [ Not found ]
[13:28:48] zaRwT.KiT Rootkit [ Not found ]
[13:28:48]
[13:28:48] Performing additional rootkit checks
[13:28:48] Info: Starting test name 'additional_rkts'
[13:28:48]
[13:28:48] Performing Suckit Rookit additional checks
[13:28:48] Checking /sbin/init link count [ OK ]
[13:28:48] Checking for hidden file extensions [ None found ]
[13:28:48] Running skdet command [ Skipped ]
[13:28:48] Info: Unable to find the 'skdet' command
[13:28:48] Suckit Rookit additional checks [ OK ]
[13:28:48]
[13:28:48] Performing check of possible rootkit files and directories
[13:28:48] Info: Starting test name 'possible_rkt_files'
[13:28:48] Checking for file '/dev/sdr0' [ Not found ]
[13:28:48] Checking for file '/tmp/.syshackfile' [ Not found ]
[13:28:48] Checking for file '/tmp/.bash_history' [ Not found ]
[13:28:48] Checking for file '/usr/info/.clib' [ Not found ]
[13:28:48] Checking for file '/usr/sbin/tcp.log' [ Not found ]
[13:28:48] Checking for file '/usr/bin/take/pid' [ Not found ]
[13:28:48] Checking for file '/sbin/create' [ Not found ]
[13:28:48] Checking for file '/dev/ttypz' [ Not found ]
[13:28:48] Checking for directory '/usr/bin/take' [ Not found ]
[13:28:48] Checking for directory '/usr/src/.lib' [ Not found ]
[13:28:48] Checking for directory '/usr/share/man/man1/.1c' [ Not found ]
[13:28:48] Checking for directory '/lib/lblip.tk' [ Not found ]
[13:28:49] Checking for directory '/usr/sbin/...' [ Not found ]
[13:28:49] Checking for directory '/usr/share/.gun' [ Not found ]
[13:28:49] Checking for possible rootkit files and directories [ None found ]
[13:28:49]
[13:28:49] Performing check for possible rootkit strings
[13:28:49] Info: Starting test name 'possible_rkt_strings'
[13:28:49] Info: Found local startup file: /etc/rc.local
[13:28:49] Checking for string '/dev/proc/fuckit' [ Not found ]
[13:28:49] Checking for string 'FUCK' [ Not found ]
[13:28:49] Checking for string 'backdoor' [ Not found ]
[13:28:49] Checking for string 'vt200' [ Not found ]
[13:28:49] Checking for string '/usr/bin/xstat' [ Not found ]
[13:28:49] Checking for string '/bin/envpc' [ Not found ]
[13:28:49] Checking for string 'L4m3r0x' [ Not found ]
[13:28:49] Checking for string '/usr/lib/.tbd' [ Not found ]
[13:28:49] Checking for string '/dev/ptyxx/.file' [ Not found ]
[13:28:49] Checking for string '/dev/sgk' [ Not found ]
[13:28:49] Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[13:28:49] Checking for string '/usr/lib/.tbd' [ Not found ]
[13:28:49] Checking for string '/dev/proc/fuckit' [ Not found ]
[13:28:49] Checking for string '/lib/.sso' [ Not found ]
[13:28:49] Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[13:28:49] Checking for string '/dev/caca' [ Not found ]
[13:28:49] Checking for string '/dev/ttyoa' [ Not found ]
[13:28:49] Checking for string 'syg' [ Not found ]
[13:28:49] Checking for string '/dev/pts/01' [ Not found ]
[13:28:49] Checking for string 'tw33dl3' [ Not found ]
[13:28:49] Checking for string 'psniff' [ Not found ]
[13:28:49] Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[13:28:50] Checking for string 'promiscuous' [ Not found ]
[13:28:50] Checking for string '/usr/lib/.tbd' [ Not found ]
[13:28:50] Checking for string '/dev/xdta' [ Not found ]
[13:28:50] Checking for string '/usr/lib/.tbd' [ Not found ]
[13:28:50] Checking for string 'in.inetd' [ Not found ]
[13:28:50] Checking for string '#<HIDE_.*>' [ Not found ]
[13:28:50] Checking for string 'bin/xchk' [ Not found ]
[13:28:50] Checking for string 'bin/xsf' [ Not found ]
[13:28:50] Checking for possible rootkit strings [ None found ]
[13:28:50]
[13:28:50] Performing malware checks
[13:28:50] Info: Starting test name 'malware'
[13:28:50]
[13:28:50] Info: Test 'deleted_files' disabled at users request.
[13:28:50] Info: Starting test name 'running_procs'
[13:28:50] Checking running processes for suspicious files [ None found ]
[13:28:50]
[13:28:50] Info: Test 'hidden_procs' disabled at users request.
[13:28:50]
[13:28:50] Info: Test 'suspscan' disabled at users request.
[13:28:50]
[13:28:50] Performing check for login backdoors
[13:28:50] Info: Starting test name 'other_malware'
[13:28:50] Checking for '/bin/.login' [ Not found ]
[13:28:50] Checking for '/sbin/.login' [ Not found ]
[13:28:50] Checking for login backdoors [ None found ]
[13:28:50]
[13:28:50] Performing check for suspicious directories
[13:28:50] Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ]
[13:28:50] Checking for directory '/dev/rd/cdb' [ Not found ]
[13:28:50] Checking for suspicious directories [ None found ]
[13:28:50]
[13:28:50] Checking for software intrusions [ Skipped ]
[13:28:51] Info: Check skipped - tripwire not installed
[13:28:51]
[13:28:51] Performing check for sniffer log files
[13:28:51] Checking for file '/usr/lib/libice.log' [ Not found ]
[13:28:51] Checking for sniffer log files [ None found ]
[13:28:51]
[13:28:51] Performing trojan specific checks
[13:28:51] Info: Starting test name 'trojans'
[13:28:51] Info: Using inetd configuration file '/etc/inetd.conf'
[13:28:51] Checking for enabled inetd services [ OK ]
[13:28:51]
[13:28:51] Performing check for enabled xinetd services
[13:28:51] Checking for enabled xinetd services [ Skipped ]
[13:28:51] Info: Check skipped - file '/etc/xinetd.conf' does not exist.
[13:28:51] Info: Apache backdoor check skipped: Apache modules and configuration directories not found.
[13:28:51]
[13:28:51] Performing Linux specific checks
[13:28:51] Info: Starting test name 'os_specific'
[13:28:51] Checking kernel module commands [ OK ]
[13:28:51] Info: Using modules pathname of '/lib/modules/2.6.24-23-generic'
[13:28:51] Checking kernel module names [ OK ]
[13:29:01]
[13:29:01] Checking the network...
[13:29:01] Info: Starting test name 'network'
[13:29:01] Info: Starting test name 'ports'
[13:29:01]
[13:29:01] Performing check for backdoor ports
[13:29:02] Checking for UDP port 2001 [ Not found ]
[13:29:02] Checking for TCP port 2006 [ Not found ]
[13:29:02] Checking for TCP port 2128 [ Not found ]
[13:29:02] Checking for TCP port 14856 [ Not found ]
[13:29:02] Checking for TCP port 47107 [ Not found ]
[13:29:02] Checking for TCP port 60922 [ Not found ]
[13:29:02]
[13:29:02] Performing checks on the network interfaces
[13:29:02] Info: Starting test name 'promisc'
[13:29:02] Checking for promiscuous interfaces [ None found ]
[13:29:02]
[13:29:02] Info: Test 'packet_cap_apps' disabled at users request.
[13:29:04]
[13:29:04] Checking the local host...
[13:29:04] Info: Starting test name 'local_host'
[13:29:05]
[13:29:05] Performing system boot checks
[13:29:05] Info: Starting test name 'startup_files'
[13:29:05] Checking for local host name [ Found ]
[13:29:05] Info: Starting test name 'startup_malware'
[13:29:05] Info: Found local startup file: /etc/rc.local
[13:29:05] Checking for local startup files [ Found ]
[13:29:05] Checking local startup files for malware [ None found ]
[13:29:05] Info: Found system startup directory: /etc/init.d
[13:29:06] Checking system startup files for malware [ None found ]
[13:29:06]
[13:29:06] Performing group and account checks
[13:29:06] Info: Starting test name 'group_accounts'
[13:29:06] Checking for passwd file [ Found ]
[13:29:06] Info: Found password file: /etc/passwd
[13:29:06] Checking for root equivalent (UID 0) accounts [ None found ]
[13:29:06] Info: Found shadow file: /etc/shadow
[13:29:06] Checking for passwordless accounts [ None found ]
[13:29:06] Info: Starting test name 'passwd_changes'
[13:29:06] Checking for passwd file changes [ None found ]
[13:29:06] Info: Starting test name 'group_changes'
[13:29:06] Checking for group file changes [ None found ]
[13:29:06] Checking root account shell history files [ None found ]
[13:29:06]
[13:29:06] Performing system configuration file checks
[13:29:06] Info: Starting test name 'system_configs'
[13:29:06] Checking for SSH configuration file [ Not found ]
[13:29:06] Checking for running syslog daemon [ Found ]
[13:29:07] Checking for syslog configuration file [ Found ]
[13:29:07] Info: Found syslog configuration file: /etc/syslog.conf
[13:29:07] Checking if syslog remote logging is allowed [ Not allowed ]
[13:29:07]
[13:29:07] Performing filesystem checks
[13:29:07] Info: Starting test name 'filesystem'
[13:29:07] Info: SCAN_MODE_DEV set to 'THOROUGH'
[13:29:17] Checking /dev for suspicious file types [ Warning ]
[13:29:17] Warning: Suspicious file types found in /dev:
[13:29:17] /dev/shm/pulse-shm-4177227637: data
[13:29:17] Checking for hidden files and directories [ Warning ]
[13:29:17] Warning: Hidden directory found: /etc/.java
[13:29:17] Warning: Hidden directory found: /dev/.static
[13:29:17] Warning: Hidden directory found: /dev/.udev
[13:29:17] Warning: Hidden directory found: /dev/.initramfs
[13:29:22]
[13:29:22] Checking application versions...
[13:29:23] Info: Starting test name 'apps'
[13:29:23] Checking version of Exim MTA [ OK ]
[13:29:23] Info: Application 'exim' version '4.69' found.
[13:29:23] Checking version of GnuPG [ OK ]
[13:29:23] Info: Application 'gpg' version '1.4.6' found.
[13:29:23] Info: Application 'httpd' not found.
[13:29:23] Info: Application 'named' not found.
[13:29:23] Checking version of OpenSSL [ OK ]
[13:29:23] Info: Application 'openssl' version '0.9.8g' found.
[13:29:23] Info: Application 'php' not found.
[13:29:23] Info: Application 'procmail' not found.
[13:29:23] Info: Application 'proftpd' not found.
[13:29:23] Info: Application 'sshd' not found.
[13:29:23] Info: Applications checked: 3 out of 9
[13:29:24]
[13:29:24] System checks summary
[13:29:24] =====================
[13:29:24]
[13:29:24] File properties checks...
[13:29:24] Files checked: 122
[13:29:24] Suspect files: 1
[13:29:24]
[13:29:24] Rootkit checks...
[13:29:24] Rootkits checked : 109
[13:29:24] Possible rootkits: 0
[13:29:24]
[13:29:24] Applications checks...
[13:29:24] Applications checked: 3
[13:29:24] Suspect applications: 0
[13:29:24]
[13:29:24] The system checks took: 1 minute and 11 seconds
[13:29:24]
[13:29:24] Info: End date is sab dic 27 13:29:24 CET 2008
adamerca@adamerca-desktop:~$

liv3llo0
Posted: Sunday, December 28, 2008 9:11:54 AM

Rank: AiutAmico

Joined: 8/30/2008
Posts: 166
It is useful to go and look at the .log files when a problem is reported; in your case, the initial screen tells you that no problem was found, and indeed the .log files report no errors or anything else.
adamerca
Posted: Sunday, December 28, 2008 11:27:07 AM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502
liv3llo0, thanks, now I understand and my mind is at ease. Have a good Sunday
monsee
Posted: Sunday, December 28, 2008 3:02:08 PM
Rank: AiutAmico

Joined: 4/5/2005
Posts: 22,971
"Not found" simply means: "Good gracious, I couldn't find it!"... So you can sleep soundly.
adamerca
Posted: Sunday, December 28, 2008 5:11:11 PM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502
monsee, thanks, it is these "warnings" that worry me a little:
[13:29:17] Checking /dev for suspicious file types [ Warning ]
[13:29:17] Warning: Suspicious file types found in /dev:
[13:29:17] /dev/shm/pulse-shm-4177227637: data
[13:29:17] Checking for hidden files and directories [ Warning ]
[13:29:17] Warning: Hidden directory found: /etc/.java
[13:29:17] Warning: Hidden directory found: /dev/.static
[13:29:17] Warning: Hidden directory found: /dev/.udev
[13:29:17] Warning: Hidden directory found: /dev/.initramfs
What do you think??
monsee
Posted: Sunday, December 28, 2008 7:53:32 PM
Rank: AiutAmico

Joined: 4/5/2005
Posts: 22,971
They are "warnings": it detected some "suspicious" files (which, however, it does NOT recognise as rootkits). This is based on heuristic scanning, I presume.
As for the "directories", these are almost certainly false positives (it does sometimes happen that Java gets infected, of course, but... the possibility, undeniable as it is, does NOT in itself constitute an infection). On the file pulse-shm-4177227637: data, here is a commendable and interesting little read (in English, of course):
http://ubuntuforums.org/showthread.php?p=4908163
It explains exactly what this entry is (which should NOT be anything to worry about) and how to keep it from showing up again.
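Added example, not part of the original thread: a small shell helper that pulls only the "[ Warning ]" checks and their detail lines out of an rkhunter log, so the few entries discussed above can be reviewed without scrolling past every "Not found" line. The function names are hypothetical, the log layout is assumed to match the one pasted in this thread, and the sample lines are copied from that paste.

```shell
#!/bin/sh
# Added example: extract warning blocks from an rkhunter log.
# Assumes the log layout shown in this thread: "[HH:MM:SS] text [ Result ]".

# rkh_warnings LOGFILE
# Prints every check that ended in "[ Warning ]" followed by its detail
# lines (indented), with the timestamp prefix removed.
rkh_warnings() {
    awk '
    {
        line = $0
        sub(/^\[[0-9:]+\] ?/, "", line)          # drop the [HH:MM:SS] prefix
    }
    line ~ /\[ Warning \][ \t]*$/ { in_block = 1; print line; next }
    # A new check, an Info line, a section title or a blank line ends the block.
    in_block && line ~ /^(Checking|Info:|Performing)/ { in_block = 0 }
    in_block && line == "" { in_block = 0 }
    in_block { print "    " line }
    ' "$1"
}

# rkh_warning_paths LOGFILE
# Prints just the flagged paths, one per line, for follow-up with ls/file/dpkg.
rkh_warning_paths() {
    rkh_warnings "$1" | awk '
    /^    / {
        s = substr($0, 5)
        if (s ~ /:$/) next                       # heading such as "... found in /dev:"
        if (s ~ /^Warning: .* found: \//) {      # "Warning: Hidden directory found: PATH"
            sub(/^Warning: .* found: /, "", s); print s; next
        }
        if (s ~ /^\//) {                         # "PATH: file-type"
            sub(/: [^:]*$/, "", s); print s
        }
    }'
}

# Sample input: lines taken from the log pasted in this thread.
rkh_sample_log() {
    cat <<'EOF'
[13:29:07] Checking if syslog remote logging is allowed [ Not allowed ]
[13:29:07]
[13:29:07] Performing filesystem checks
[13:29:07] Info: Starting test name 'filesystem'
[13:29:17] Checking /dev for suspicious file types [ Warning ]
[13:29:17] Warning: Suspicious file types found in /dev:
[13:29:17] /dev/shm/pulse-shm-4177227637: data
[13:29:17] Checking for hidden files and directories [ Warning ]
[13:29:17] Warning: Hidden directory found: /etc/.java
[13:29:17] Warning: Hidden directory found: /dev/.static
[13:29:17] Warning: Hidden directory found: /dev/.udev
[13:29:17] Warning: Hidden directory found: /dev/.initramfs
[13:29:22]
[13:29:22] Checking application versions...
[13:29:23] Checking version of Exim MTA [ OK ]
EOF
}

# With an argument, read that log (needs root for /var/log/rkhunter.log);
# without one, run on the embedded sample.
if [ -n "${1:-}" ]; then
    rkh_warnings "$1"
else
    sample=$(mktemp)
    rkh_sample_log > "$sample"
    rkh_warnings "$sample"
    echo "--- flagged paths ---"
    rkh_warning_paths "$sample"
    rm -f "$sample"
fi
```

The script only lists what rkhunter flagged; deciding whether each path is expected on the system is still a manual check.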
adamerca
Posted: Sunday, December 28, 2008 10:51:40 PM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502
monsee, you really are a wizard!! The link you gave me is interesting, and I
understood that /dev/shm/pulse-shm is not dangerous for the system and that it is installed by
default with Ubuntu (hardy).
Thanks again..
monsee
Posted: Monday, December 29, 2008 1:34:41 AM
Rank: AiutAmico

Joined: 4/5/2005
Posts: 22,971
Glad to have been of some help. I wish you a happy 2009, my friend!
adamerca
Posted: Monday, December 29, 2008 8:01:03 PM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502
The same to you, monsee, and to all the friends of the forum. Happy 2009!!
(P.S. later, tell me how to add emoticons like yours).. bye
monsee
Posted: Monday, December 29, 2008 8:27:38 PM
Rank: AiutAmico

Joined: 4/5/2005
Posts: 22,971
For the emoticons, I use a Firefox extension called Smiley Xtra (this extension works identically on Windows and on any Linux OS)... In addition, on Aiutamici there is a small program available (free to download) [Windows only] that serves precisely to insert emoticons, called EmoPicker. http://software.aiutamici.com/software?ID=80259
adamerca
Posted: Tuesday, December 30, 2008 6:26:49 PM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502

monsee, I have smiley extra on firefox.. now I need to figure out how to add the emoticons
adamerca
Posted: Tuesday, December 30, 2008 6:30:15 PM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502
monsee, maybe I did it!!

adamerca
Posted: Tuesday, December 30, 2008 6:33:22 PM

Rank: AiutAmico

Joined: 9/1/2008
Posts: 502
monsee, yes, I really did it... thanks

monsee
Posted: Tuesday, December 30, 2008 9:20:13 PM
Rank: AiutAmico

Joined: 4/5/2005
Posts: 22,971
Bravo! Congratulations!