Welcome to Linux Forums!

With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.

Linux Forum ArticlesLinux ForumsLinux Forum DownloadsLinux Hosts
Home|Register|FAQ|Member List|Calendar|Unanswered Posts|Forum Rules|Today's Posts|Advanced Search|
SEARCH FOR IN
Go Back   Linux Forums > GNU Linux Zone > Linux Security
Reload this Page Searching for suspicious files and dirs, it may take a while... long list
Linux Forums
Linux Forums
Welcome To The Linux Forums!
Welcome to Linux Forums. We pride ourselves in being one of the largest Linux communities on the web, we encourage you to REGISTER on our forums and participate in the community. There are over 150,000 members ready to answer your questions. JOINING US today will allow you to make new posts, get support, send messages to other members and submit downloads to our downloads directory and many other great features!

Linux Security Discussion about keeping your machines secure, and the crackers out.

Reply
 
Thread Tools Display Modes
Old 05-10-2008   #1 (permalink)
brev
Just Joined!
 
Join Date: May 2008
Posts: 1
Searching for suspicious files and dirs, it may take a while... long list
os suse 10.1

I think the list is very long do i have security problems?
linux:/etc/ssh # chkrootkit
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking `date'... not infected
Checking `du'... not infected
Checking `dirname'... not infected
Checking `echo'... not infected
Checking `egrep'... not infected
Checking `env'... not infected
Checking `find'... not infected
Checking `fingerd'... not found
Checking `gpm'... not infected
Checking `grep'... not infected
Checking `hdparm'... not infected
Checking `su'... not infected
Checking `ifconfig'... not infected
Checking `inetd'... not tested
Checking `inetdconf'... not found
Checking `identd'... not found
Checking `init'... not infected
Checking `killall'... not infected
Checking `ldsopreload'... not infected
Checking `login'... not infected
Checking `ls'... not infected
Checking `lsof'... not infected
Checking `mail'... not infected
Checking `mingetty'... not infected
Checking `netstat'... not infected
Checking `named'... not found
Checking `passwd'... not infected
Checking `pidof'... not infected
Checking `pop2'... not found
Checking `pop3'... not found
Checking `ps'... not infected
Checking `pstree'... not infected
Checking `rpcinfo'... not infected
Checking `rlogind'... not found
Checking `rshd'... not found
Checking `slogin'... not infected
Checking `sendmail'... not infected
Checking `sshd'... not infected
Checking `syslogd'... not tested
Checking `tar'... not infected
Checking `tcpd'... not infected
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not found
Checking `timed'... not found
Checking `traceroute'... not infected
Checking `vdir'... not infected
Checking `w'... not infected
Checking `write'... not infected
Checking `aliens'... no suspect files
Searching for sniffer's logs, it may take a while... nothing found
Searching for HiDrootkit's default dir... nothing found
Searching for t0rn's default files and dirs... nothing found
Searching for t0rn's v8 defaults... nothing found
Searching for Lion Worm default files and dirs... nothing found
Searching for RSHA's default files and dir... nothing found
Searching for RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
/usr/lib/perl5/5.8.8/x86_64-linux-thread-multi/.packlist /usr/lib/perl5/vendor_p
erl/5.8.8/x86_64-linux-thread-multi/auto/IO/Zlib/.packlist /usr/lib/perl5/vendor
_perl/5.8.8/x86_64-linux-thread-multi/auto/IO/Socket/SSL/.packlist /usr/lib/perl
5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/IO/Stringy/.packlist /usr/lib
/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/LWP/.packlist /usr/lib/p
erl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Net/IP/.packlist /usr/lib/
perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Net/DNS/.packlist /usr/li
b/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Net/LDAP/.packlist /usr
/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Net/SSLeay/.packlist
/usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Net/Server/.pac
klist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Net/Netmas
k/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/URI/
.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Tie/Ix
Hash/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/X
ML/SAX/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto
/XML/Parser/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi
/auto/XML/Writer/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-
multi/auto/XML/NamespaceSupport/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_6
4-linux-thread-multi/auto/ycp/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-
linux-thread-multi/auto/HTML/Parser/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x
86_64-linux-thread-multi/auto/HTML/Tagset/.packlist /usr/lib/perl5/vendor_perl/5
.8.8/x86_64-linux-thread-multi/auto/File/Remove/.packlist /usr/lib/perl5/vendor_
perl/5.8.8/x86_64-linux-thread-multi/auto/MIME/Types/.packlist /usr/lib/perl5/ve
ndor_perl/5.8.8/x86_64-linux-thread-multi/auto/Mail/Box/.packlist /usr/lib/perl5
/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Mail/SpamAssassin/.packlist /u
sr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Mail/.packlist /us
r/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Mail/IMAPClient/.pa
cklist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/X500/DN/.
packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Term/Re
adKey/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/
Text/Reform/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi
/auto/Text/Autoformat/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-th
read-multi/auto/Unix/Syslog/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-li
nux-thread-multi/auto/User/Identity/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x
86_64-linux-thread-multi/auto/Config/Crontab/.packlist /usr/lib/perl5/vendor_per
l/5.8.8/x86_64-linux-thread-multi/auto/Digest/MD4/.packlist /usr/lib/perl5/vendo
r_perl/5.8.8/x86_64-linux-thread-multi/auto/Digest/HMAC/.packlist /usr/lib/perl5
/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Digest/SHA1/.packlist /usr/lib
/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Crypt/SmbHash/.packlist
/usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Cyrus/IMAP/.pack
list /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Cyrus/SIEVE
/managesieve/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-mult
i/auto/Parse/RecDescent/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-
thread-multi/auto/Archive/Tar/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-
linux-thread-multi/auto/Archive/Zip/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x
86_64-linux-thread-multi/auto/Locale/gettext/.packlist /usr/lib/perl5/vendor_per
l/5.8.8/x86_64-linux-thread-multi/auto/Compress/Zlib/.packlist /usr/lib/perl5/ve
ndor_perl/5.8.8/x86_64-linux-thread-multi/auto/Object/Realize/Later/.packlist /u
sr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/mod_perl2/.packlis
t /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Convert/ASN1/.
packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/Convert
/TNEF/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/auto/
Convert/UUlib/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-thread-mul
ti/auto/MIME-tools/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-threa
d-multi/auto/TimeDate/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-linux-th
read-multi/auto/BerkeleyDB/.packlist /usr/lib/perl5/vendor_perl/5.8.8/x86_64-lin
ux-thread-multi/auto/Bootloader/.packlist

Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
Searching for RK17 files and dirs... nothing found
Searching for Ducoci rootkit... nothing found
Searching for Adore Worm... nothing found
Searching for ShitC Worm... nothing found
Searching for Omega Worm... nothing found
Searching for Sadmind/IIS Worm... nothing found
Searching for MonKit... nothing found
Searching for Showtee... nothing found
Searching for OpticKit... nothing found
Searching for T.R.K... nothing found
Searching for Mithra... nothing found
Searching for OBSD rk v1... nothing found
Searching for LOC rootkit... nothing found
Searching for Romanian rootkit... nothing found
Searching for Suckit rootkit... nothing found
Searching for Volc rootkit... nothing found
Searching for Gold2 rootkit... nothing found
Searching for TC2 Worm default files and dirs... nothing found
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for Fu rootkit default files... nothing found
Searching for ESRK rootkit default files... nothing found
Searching for rootedoor... nothing found
Searching for anomalies in shell history files... nothing found
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... chkproc: nothing detected
Checking `rexedcs'... not found
Checking `sniffer'... eth0: not promisc and no PF_PACKET sockets
Checking `w55808'... not infected
Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... chklastlog: nothing deleted
Checking `chkutmp'... chkutmp: nothing deleted
brev is offline   Reply With Quote
Old 05-10-2008   #2 (permalink)
bobescalin2005
Linux Newbie
 
bobescalin2005's Avatar
 
Join Date: Oct 2005
Location: Romania
Posts: 109
I don`t think so! You are clean!
Cheers!
__________________
Registered Linux user #471256
http://counter.li.org
Don`t give up so easy...
calin
bobescalin2005 is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT. The time now is 06:40 AM.

Contact Us | Advertise | Archive | Top
Powered by vBulletin 3.6.8 ©2000 - 2007, content relevant URLs by vBSEO, Property of Core Root.

Content Relevant URLs by vBSEO 3.0.0