Hi, i have problems with mails. When i pass the rkhunter i have this result: Code: (14:05:12) Running Rootkit Hunter version 1.3.4 on ns1 (14:05:12) (14:05:12) Info: Start date is mié mar 31 14:05:12 CEST 2010 (14:05:12) (14:05:12) Checking configuration file and command-line options... (14:05:12) Info: Detected operating system is 'Linux' (14:05:12) Info: Found O/S name: Debian 4.0 (14:05:12) Info: Command line is /usr/local/bin/rkhunter -c (14:05:12) Info: Environment shell is /bin/bash; rkhunter is using bash (14:05:12) Info: Using configuration file '/etc/rkhunter.conf' (14:05:12) Info: Installation directory is '/usr/local' (14:05:12) Info: Using language 'en' (14:05:12) Info: Using '/var/lib/rkhunter/db' as the database directory (14:05:12) Info: Using '/usr/local/lib/rkhunter/scripts' as the support script directory (14:05:12) Info: Using '/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin /bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec' as the command directories (14:05:12) Info: Using '/' as the root directory by default (14:05:12) Info: Using '/var/lib/rkhunter/tmp' as the temporary directory (14:05:13) Info: No mail-on-warning address configured (14:05:13) Info: X will be automatically detected (14:05:13) Info: Found the 'diff' command: /usr/bin/diff (14:05:13) Info: Found the 'file' command: /usr/bin/file (14:05:13) Info: Found the 'find' command: /usr/bin/find (14:05:13) Info: Found the 'ifconfig' command: /sbin/ifconfig (14:05:13) Info: Unable to find the 'ip' command (14:05:13) Info: Found the 'ldd' command: /usr/bin/ldd (14:05:13) Info: Found the 'lsattr' command: /usr/bin/lsattr (14:05:13) Info: Found the 'lsmod' command: /sbin/lsmod (14:05:13) Info: Unable to find the 'lsof' command (14:05:13) Info: Found the 'mktemp' command: /bin/mktemp (14:05:13) Info: Found the 'netstat' command: /bin/netstat (14:05:13) Info: Found the 'perl' command: /usr/bin/perl (14:05:13) Info: Found the 'ps' command: /bin/ps (14:05:13) Info: Found the 'pwd' command: /bin/pwd (14:05:13) Info: Found the 'readlink' command: /bin/readlink (14:05:13) Info: Found the 'sort' command: /usr/bin/sort (14:05:13) Info: Found the 'stat' command: /usr/bin/stat (14:05:13) Info: Found the 'strings' command: /usr/bin/strings (14:05:13) Info: Found the 'uniq' command: /usr/bin/uniq (14:05:13) Info: System is not using prelinking (14:05:13) Info: Using the '/usr/bin/sha1sum' command for the file hash checks (14:05:13) Info: Stored hash values used hash function '/usr/bin/sha1sum' (14:05:13) Info: Stored hash values did not use a package manager (14:05:13) Info: The hash function field index is set to 1 (14:05:13) Info: No package manager specified: using hash function '/usr/bin/sha1sum' (14:05:13) Info: Previous file attributes were stored (14:05:13) Info: Enabled tests are: all (14:05:13) Info: Disabled tests are: suspscan hidden_procs deleted_files packet_cap_apps (14:05:13) Info: All ksyms and kallsyms checks will be skipped - neither file is present on the system. (14:05:13) (14:05:13) Checking if the O/S has changed since last time... (14:05:13) Info: Nothing seems to have changed (14:05:13) (14:05:13) Starting system checks... (14:05:13) (14:05:13) Checking system commands... (14:05:13) Info: Starting test name 'system_commands' (14:05:13) (14:05:13) Performing 'strings' command checks (14:05:13) Info: Starting test name 'strings' (14:05:13) Scanning for string /usr/sbin/ntpsx ( OK ) (14:05:14) Scanning for string /usr/lib/.../ls ( OK ) (14:05:14) Scanning for string /usr/lib/.../netstat ( OK ) (14:05:14) Scanning for string /usr/lib/.../lsof ( OK ) (14:05:14) Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg ( OK ) (14:05:14) Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk ( OK ) (14:05:14) Scanning for string /usr/lib/.../bkit-ssh/bkit-pw ( OK ) (14:05:14) Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs ( OK ) (14:05:14) Scanning for string /usr/lib/.../uconf.inv ( OK ) (14:05:14) Scanning for string /usr/lib/.../psr ( OK ) (14:05:14) Scanning for string /usr/lib/.../find ( OK ) (14:05:14) Scanning for string /usr/lib/.../pstree ( OK ) (14:05:14) Scanning for string /usr/lib/.../slocate ( OK ) (14:05:14) Scanning for string /usr/lib/.../du ( OK ) (14:05:14) Scanning for string /usr/lib/.../top ( OK ) (14:05:14) Scanning for string /usr/lib/... ( OK ) (14:05:14) Scanning for string /usr/lib/.../bkit-ssh ( OK ) (14:05:14) Scanning for string /usr/lib/.bkit- ( OK ) (14:05:14) Scanning for string /tmp/.bkp ( OK ) (14:05:14) Scanning for string /tmp/.cinik ( OK ) (14:05:14) Scanning for string /tmp/.font-unix/.cinik ( OK ) (14:05:14) Scanning for string /lib/.sso ( OK ) (14:05:14) Scanning for string /lib/.so ( OK ) (14:05:14) Scanning for string /var/run/...dica/clean ( OK ) (14:05:14) Scanning for string /var/run/...dica/xl ( OK ) (14:05:14) Scanning for string /var/run/...dica/xdr ( OK ) (14:05:15) Scanning for string /var/run/...dica/psg ( OK ) (14:05:15) Scanning for string /var/run/...dica/secure ( OK ) (14:05:15) Scanning for string /var/run/...dica/rdx ( OK ) (14:05:15) Scanning for string /var/run/...dica/va ( OK ) (14:05:15) Scanning for string /var/run/...dica/cl.sh ( OK ) (14:05:15) Scanning for string /usr/bin/.etc ( OK ) (14:05:15) Scanning for string /usr/lib/.fx/sched_host.2 ( OK ) (14:05:15) Scanning for string /usr/lib/.fx/random_d.2 ( OK ) (14:05:15) Scanning for string /usr/lib/.fx/set_pid.2 ( OK ) (14:05:15) Scanning for string /usr/lib/.fx/cons.saver ( OK ) (14:05:15) Scanning for string /usr/lib/.fx/adore/adore/adore.ko ( OK ) (14:05:15) Scanning for string /bin/sysback ( OK ) (14:05:15) Scanning for string /usr/local/bin/sysback ( OK ) (14:05:15) Scanning for string /usr/lib/.tbd ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/t0rns ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/du ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/ls ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/t0rnsb ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/ps ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/t0rnp ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/find ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/ifconfig ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/pg ( OK ) (14:05:15) Scanning for string /dev/.lib/lib/lib/ssh.tgz ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/top ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/sz ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/login ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/in.fingerd ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/1i0n.sh ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/pstree ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/in.telnetd ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/mjy ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/sush ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/tfn ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/name ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/getip.sh ( OK ) (14:05:16) Scanning for string /usr/info/.torn/sh* ( OK ) (14:05:16) Scanning for string /usr/src/.puta/.1addr ( OK ) (14:05:16) Scanning for string /usr/src/.puta/.1file ( OK ) (14:05:16) Scanning for string /usr/src/.puta/.1proc ( OK ) (14:05:16) Scanning for string /usr/src/.puta/.1logz ( OK ) (14:05:16) Scanning for string /usr/info/.t0rn ( OK ) (14:05:16) Scanning for string /dev/.lib ( OK ) (14:05:16) Scanning for string /dev/.lib/lib ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/lib/dev ( OK ) (14:05:16) Scanning for string /dev/.lib/lib/scan ( OK ) (14:05:17) Scanning for string /usr/src/.puta ( OK ) (14:05:17) Scanning for string /usr/man/man1/man1 ( OK ) (14:05:17) Scanning for string /usr/man/man1/man1/lib ( OK ) (14:05:17) Scanning for string /usr/man/man1/man1/lib/.lib ( OK ) (14:05:17) Scanning for string /usr/man/man1/man1/lib/.lib/.backup ( OK ) (14:05:17) (14:05:17) Performing 'shared libraries' checks (14:05:17) Info: Starting test name 'shared_libs' (14:05:17) Checking for preloading variables ( None found ) (14:05:17) Checking for preload file ( Not found ) (14:05:17) Info: Starting test name 'shared_libs_path' (14:05:17) Checking LD_LIBRARY_PATH variable ( Not found ) (14:05:17) (14:05:17) Performing file properties checks (14:05:17) Info: Starting test name 'properties' (14:05:17) Checking for prerequisites ( OK ) (14:05:17) /bin/bash ( Warning ) (14:05:17) Warning: The file properties have changed: (14:05:17) File: /bin/bash (14:05:17) Current inode: 85017415 Stored inode: 54214712 (14:05:17) /bin/cat ( Warning ) (14:05:18) Warning: The file properties have changed: (14:05:18) File: /bin/cat (14:05:18) Current inode: 85017795 Stored inode: 54214717 (14:05:18) /bin/chmod ( Warning ) (14:05:18) Warning: The file properties have changed: (14:05:18) File: /bin/chmod (14:05:18) Current inode: 85017814 Stored inode: 54214666 (14:05:18) /bin/chown ( Warning ) (14:05:18) Warning: The file properties have changed: (14:05:18) File: /bin/chown (14:05:18) Current inode: 85017887 Stored inode: 54214707 (14:05:18) /bin/cp ( Warning ) (14:05:18) Warning: The file properties have changed: (14:05:18) File: /bin/cp (14:05:18) Current inode: 85017991 Stored inode: 54214718 (14:05:18) /bin/date ( Warning ) (14:05:18) Warning: The file properties have changed: (14:05:18) File: /bin/date (14:05:18) Current inode: 85018165 Stored inode: 54214662 (14:05:19) /bin/df ( Warning ) (14:05:19) Warning: The file properties have changed: (14:05:19) File: /bin/df (14:05:19) Current inode: 85018287 Stored inode: 54214709 (14:05:19) /bin/dmesg ( Warning ) (14:05:19) Warning: The file properties have changed: (14:05:19) File: /bin/dmesg (14:05:19) Current inode: 85018292 Stored inode: 54214664 (14:05:19) /bin/echo ( Warning ) (14:05:19) Warning: The file properties have changed: (14:05:19) File: /bin/echo (14:05:19) Current inode: 85018294 Stored inode: 54214706 (14:05:19) /bin/ed ( Warning ) (14:05:19) Warning: The file properties have changed: (14:05:19) File: /bin/ed (14:05:19) Current inode: 85018295 Stored inode: 54214685 (14:05:19) /bin/egrep ( Warning ) (14:05:19) Warning: The file properties have changed: (14:05:19) File: /bin/egrep (14:05:19) Current inode: 85018296 Stored inode: 54214728 (14:05:20) Warning: The command '/bin/egrep' has been replaced by a script: /bin/egrep: Bourne shell script text executable (14:05:20) /bin/fgrep ( Warning ) (14:05:20) Warning: The file properties have changed: (14:05:20) File: /bin/fgrep (14:05:20) Current inode: 85018298 Stored inode: 54214711 (14:05:20) Warning: The command '/bin/fgrep' has been replaced by a script: /bin/fgrep: Bourne shell script text executable (14:05:20) /bin/fuser ( Warning ) (14:05:20) Warning: The file properties have changed: (14:05:20) File: /bin/fuser (14:05:20) Current inode: 85018299 Stored inode: 54216329 (14:05:20) /bin/grep ( Warning ) (14:05:20) Warning: The file properties have changed: (14:05:20) File: /bin/grep (14:05:20) Current inode: 85018300 Stored inode: 54214731 (14:05:20) /bin/kill ( Warning ) (14:05:20) Warning: The file properties have changed: (14:05:20) File: /bin/kill (14:05:20) Current inode: 85018303 Stored inode: 54214681 (14:05:21) /bin/login ( Warning ) (14:05:21) Warning: The file properties have changed: (14:05:21) File: /bin/login (14:05:21) Current inode: 85018305 Stored inode: 54215634 (14:05:21) /bin/ls ( Warning ) (14:05:21) Warning: The file properties have changed: (14:05:21) File: /bin/ls (14:05:21) Current inode: 85018306 Stored inode: 54214696 (14:05:21) /bin/lsmod ( Warning ) (14:05:21) Warning: The file properties have changed: (14:05:21) File: /bin/lsmod (14:05:21) Current inode: 85018307 Stored inode: 54214670 (14:05:21) /bin/mktemp ( Warning ) (14:05:21) Warning: The file properties have changed: (14:05:21) File: /bin/mktemp (14:05:21) Current inode: 85018310 Stored inode: 54214727 (14:05:22) /bin/more ( Warning ) (14:05:22) Warning: The file properties have changed: (14:05:22) File: /bin/more (14:05:22) Current inode: 85018311 Stored inode: 54214697 (14:05:22) /bin/mount ( Warning ) (14:05:22) Warning: The file properties have changed: (14:05:22) File: /bin/mount (14:05:22) Current inode: 85018312 Stored inode: 54214723 (14:05:22) /bin/mv ( Warning ) (14:05:22) Warning: The file properties have changed: (14:05:22) File: /bin/mv (14:05:22) Current inode: 85018315 Stored inode: 54214691 (14:05:22) /bin/netstat ( Warning ) (14:05:22) Warning: The file properties have changed: (14:05:22) File: /bin/netstat (14:05:22) Current inode: 85018318 Stored inode: 54214669 (14:05:22) /bin/ps ( Warning ) (14:05:22) Warning: The file properties have changed: (14:05:22) File: /bin/ps (14:05:23) Current inode: 85018321 Stored inode: 54214719 (14:05:23) /bin/pwd ( Warning ) (14:05:23) Warning: The file properties have changed: (14:05:23) File: /bin/pwd (14:05:23) Current inode: 85018322 Stored inode: 54214661 (14:05:23) /bin/readlink ( Warning ) (14:05:23) Warning: The file properties have changed: (14:05:23) File: /bin/readlink (14:05:23) Current inode: 85018323 Stored inode: 54214676 (14:05:23) /bin/sed ( Warning ) (14:05:23) Warning: The file properties have changed: (14:05:23) File: /bin/sed (14:05:23) Current inode: 85018327 Stored inode: 54214700 (14:05:23) /bin/sh ( Warning ) (14:05:23) Warning: The file properties have changed: (14:05:23) File: /bin/sh (14:05:23) Current inode: 85016588 Stored inode: 54214678 (14:05:24) /bin/su ( Warning ) (14:05:24) Warning: The file properties have changed: (14:05:24) File: /bin/su (14:05:24) Current inode: 85018330 Stored inode: 54215172 (14:05:24) /bin/touch ( Warning ) (14:05:24) Warning: The file properties have changed: (14:05:24) File: /bin/touch (14:05:24) Current inode: 85018334 Stored inode: 54214726 (14:05:24) /bin/uname ( Warning ) (14:05:24) Warning: The file properties have changed: (14:05:24) File: /bin/uname (14:05:24) Current inode: 85018337 Stored inode: 54214699 (14:05:24) /bin/which ( Warning ) (14:05:24) Warning: The file properties have changed: (14:05:24) File: /bin/which (14:05:24) Current inode: 85018339 Stored inode: 54214690 (14:05:24) Warning: The command '/bin/which' has been replaced by a script: /bin/which: Bourne shell script text executable (14:05:25) /usr/bin/awk ( Warning ) (14:05:25) Warning: The file properties have changed: (14:05:25) File: /usr/bin/awk (14:05:25) Current inode: 86033381 Stored inode: 54247802 (14:05:25) /usr/bin/basename ( Warning ) (14:05:25) Warning: The file properties have changed: (14:05:25) File: /usr/bin/basename (14:05:25) Current inode: 86036890 Stored inode: 54247714 (14:05:25) /usr/bin/chattr ( Warning ) (14:05:25) Warning: The file properties have changed: (14:05:25) File: /usr/bin/chattr (14:05:25) Current inode: 86036904 Stored inode: 54247703 (14:05:25) /usr/bin/cut ( Warning ) (14:05:25) Warning: The file properties have changed: (14:05:25) File: /usr/bin/cut (14:05:25) Current inode: 86036930 Stored inode: 54247669 (14:05:26) /usr/bin/diff ( Warning ) (14:05:26) Warning: The file properties have changed: (14:05:26) File: /usr/bin/diff (14:05:26) Current inode: 86036958 Stored inode: 54247922 (14:05:26) /usr/bin/dirname ( Warning ) (14:05:26) Warning: The file properties have changed: (14:05:26) File: /usr/bin/dirname (14:05:26) Current inode: 86036962 Stored inode: 54247768 (14:05:26) /usr/bin/dpkg ( Warning ) (14:05:26) Warning: The file properties have changed: (14:05:26) File: /usr/bin/dpkg (14:05:26) Current inode: 86036964 Stored inode: 54248313 (14:05:26) /usr/bin/dpkg-query ( Warning ) (14:05:26) Warning: The file properties have changed: (14:05:26) File: /usr/bin/dpkg-query (14:05:26) Current inode: 86036966 Stored inode: 54248315 (14:05:26) /usr/bin/du ( Warning ) (14:05:26) Warning: The file properties have changed: (14:05:26) File: /usr/bin/du (14:05:26) Current inode: 86036970 Stored inode: 54247793 (14:05:27) /usr/bin/env ( Warning ) (14:05:27) Warning: The file properties have changed: (14:05:27) File: /usr/bin/env (14:05:27) Current inode: 86036972 Stored inode: 54247849 (14:05:27) /usr/bin/file ( Warning ) (14:05:27) Warning: The file properties have changed: (14:05:27) File: /usr/bin/file (14:05:27) Current inode: 86036981 Stored inode: 54248083 (14:05:27) /usr/bin/find ( Warning ) (14:05:27) Warning: The file properties have changed: (14:05:27) File: /usr/bin/find (14:05:27) Current inode: 86036982 Stored inode: 54247872 (14:05:27) /usr/bin/GET ( Warning ) (14:05:27) Warning: The file '/usr/bin/GET' exists on the system, but it is not present in the rkhunter.dat file. (14:05:27) /usr/bin/groups ( Warning ) (14:05:27) Warning: The file properties have changed: (14:05:27) File: /usr/bin/groups (14:05:27) Current inode: 86037016 Stored inode: 54247814 (14:05:27) Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: Bourne shell script text executable (14:05:28) /usr/bin/head ( Warning ) (14:05:28) Warning: The file properties have changed: (14:05:28) File: /usr/bin/head (14:05:28) Current inode: 86037019 Stored inode: 54247782 (14:05:28) /usr/bin/id ( Warning ) (14:05:28) Warning: The file properties have changed: (14:05:28) File: /usr/bin/id (14:05:28) Current inode: 86037028 Stored inode: 54247710 (14:05:28) /usr/bin/killall ( Warning ) (14:05:28) Warning: The file properties have changed: (14:05:28) File: /usr/bin/killall (14:05:28) Current inode: 86037042 Stored inode: 54248781 (14:05:28) /usr/bin/last ( Warning ) (14:05:28) Warning: The file properties have changed: (14:05:28) File: /usr/bin/last (14:05:28) Current inode: 86037043 Stored inode: 54247612 (14:05:28) /usr/bin/lastlog ( Warning ) (14:05:29) Warning: The file properties have changed: (14:05:29) File: /usr/bin/lastlog (14:05:29) Current inode: 86037044 Stored inode: 54247488 (14:05:29) /usr/bin/ldd ( Warning ) (14:05:29) Warning: The file properties have changed: (14:05:29) File: /usr/bin/ldd (14:05:29) Current inode: 57835567 Stored inode: 54248508 (14:05:29) Current file modification time: 1264097118 (14:05:29) Stored file modification time : 1232193522 (14:05:29) Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable (14:05:29) /usr/bin/locate ( Warning ) (14:05:29) Warning: The file properties have changed: (14:05:29) File: /usr/bin/locate (14:05:29) Current inode: 86037057 Stored inode: 54247731 (14:05:29) /usr/bin/logger ( Warning ) (14:05:29) Warning: The file properties have changed: (14:05:29) File: /usr/bin/logger (14:05:29) Current inode: 86037059 Stored inode: 54247865 (14:05:29) /usr/bin/lsattr ( Warning ) (14:05:29) Warning: The file properties have changed: (14:05:30) File: /usr/bin/lsattr (14:05:30) Current inode: 86037063 Stored inode: 54247753 (14:05:30) /usr/bin/lynx ( Warning ) (14:05:30) Warning: The file properties have changed: (14:05:30) File: /usr/bin/lynx (14:05:30) Current inode: 86033419 Stored inode: 54248732 (14:05:30) /usr/bin/md5sum ( Warning ) (14:05:30) Warning: The file properties have changed: (14:05:30) File: /usr/bin/md5sum (14:05:30) Current inode: 86037075 Stored inode: 54247797 (14:05:30) /usr/bin/newgrp ( Warning ) (14:05:30) Warning: The file properties have changed: (14:05:30) File: /usr/bin/newgrp (14:05:30) Current inode: 86037150 Stored inode: 54247465 (14:05:30) /usr/bin/passwd ( Warning ) (14:05:30) Warning: The file properties have changed: (14:05:30) File: /usr/bin/passwd (14:05:30) Current inode: 86037169 Stored inode: 54247590 (14:05:31) /usr/bin/perl ( Warning ) (14:05:31) Warning: The file properties have changed: (14:05:31) File: /usr/bin/perl (14:05:31) Current inode: 86037177 Stored inode: 54248353 (14:05:31) /usr/bin/pstree ( Warning ) (14:05:31) Warning: The file properties have changed: (14:05:31) File: /usr/bin/pstree (14:05:31) Current inode: 86037206 Stored inode: 54248782 (14:05:31) /usr/bin/runcon ( Warning ) (14:05:31) Warning: The file properties have changed: (14:05:31) File: /usr/bin/runcon (14:05:31) Current inode: 86037226 Stored inode: 54247798 (14:05:31) /usr/bin/sha1sum ( Warning ) (14:05:31) Warning: The file properties have changed: (14:05:31) File: /usr/bin/sha1sum (14:05:31) Current inode: 86037242 Stored inode: 54247916 (14:05:32) /usr/bin/size ( Warning ) (14:05:32) Warning: The file properties have changed: (14:05:32) File: /usr/bin/size (14:05:32) Current inode: 86037250 Stored inode: 54248586 (14:05:32) /usr/bin/sort ( Warning ) (14:05:32) Warning: The file properties have changed: (14:05:32) File: /usr/bin/sort (14:05:32) Current inode: 86037254 Stored inode: 54247826 (14:05:32) /usr/bin/stat ( Warning ) (14:05:32) Warning: The file properties have changed: (14:05:32) File: /usr/bin/stat (14:05:32) Current inode: 86037266 Stored inode: 54247795 (14:05:32) /usr/bin/strace ( Warning ) (14:05:32) Warning: The file '/usr/bin/strace' exists on the system, but it is not present in the rkhunter.dat file. (14:05:32) /usr/bin/strings ( Warning ) (14:05:32) Warning: The file properties have changed: (14:05:32) File: /usr/bin/strings (14:05:32) Current inode: 86037267 Stored inode: 54248589 (14:05:33) /usr/bin/tail ( Warning ) (14:05:33) Warning: The file properties have changed: (14:05:33) File: /usr/bin/tail (14:05:33) Current inode: 86037272 Stored inode: 54247841 (14:05:33) /usr/bin/test ( Warning ) (14:05:33) Warning: The file properties have changed: (14:05:33) File: /usr/bin/test (14:05:33) Current inode: 86037276 Stored inode: 54247698 (14:05:33) /usr/bin/top ( Warning ) (14:05:33) Warning: The file properties have changed: (14:05:33) File: /usr/bin/top (14:05:33) Current inode: 86037281 Stored inode: 54247840 (14:05:33) /usr/bin/touch ( Warning ) (14:05:33) Warning: The file properties have changed: (14:05:33) File: /usr/bin/touch (14:05:33) Current inode: 86033462 Stored inode: 54247885 (14:05:33) /usr/bin/tr ( Warning ) (14:05:33) Warning: The file properties have changed: (14:05:33) File: /usr/bin/tr (14:05:33) Current inode: 86037283 Stored inode: 54247876 (14:05:34) /usr/bin/uniq ( Warning ) (14:05:34) Warning: The file properties have changed: (14:05:34) File: /usr/bin/uniq (14:05:34) Current inode: 86037295 Stored inode: 54247766 (14:05:34) /usr/bin/users ( Warning ) (14:05:34) Warning: The file properties have changed: (14:05:34) File: /usr/bin/users (14:05:34) Current inode: 86037300 Stored inode: 54247827 (14:05:34) /usr/bin/vmstat ( Warning ) (14:05:34) Warning: The file properties have changed: (14:05:34) File: /usr/bin/vmstat (14:05:34) Current inode: 86037303 Stored inode: 54247878 (14:05:34) /usr/bin/w ( Warning ) (14:05:34) Warning: The file properties have changed: (14:05:34) File: /usr/bin/w (14:05:34) Current inode: 86033469 Stored inode: 54247756 (14:05:34) /usr/bin/watch ( Warning ) (14:05:34) Warning: The file properties have changed: (14:05:35) File: /usr/bin/watch (14:05:35) Current inode: 86037306 Stored inode: 54247794 (14:05:35) /usr/bin/wc ( Warning ) (14:05:35) Warning: The file properties have changed: (14:05:35) File: /usr/bin/wc (14:05:35) Current inode: 86037307 Stored inode: 54247880 (14:05:35) /usr/bin/wget ( Warning ) (14:05:35) Warning: The file properties have changed: (14:05:35) File: /usr/bin/wget (14:05:35) Current hash: 8f12c9c7acef809ee696878a754f31c8034bc58b (14:05:35) Stored hash : 1cf6b29d4276337be8d03083373f399a280df7ae (14:05:35) Current inode: 86048159 Stored inode: 54247727 (14:05:35) Current file modification time: 1255002588 (14:05:35) Stored file modification time : 1151512894 (14:05:35) /usr/bin/whatis ( Warning ) (14:05:35) Warning: The file properties have changed: (14:05:35) File: /usr/bin/whatis (14:05:35) Current inode: 86037310 Stored inode: 54247747 (14:05:35) /usr/bin/whereis ( Warning ) (14:05:35) Warning: The file properties have changed: (14:05:35) File: /usr/bin/whereis (14:05:35) Current inode: 86037311 Stored inode: 54247696 (14:05:36) /usr/bin/which ( Warning ) (14:05:36) Warning: The file properties have changed: (14:05:36) File: /usr/bin/which (14:05:36) Current inode: 86033471 Stored inode: 54247755 (14:05:36) /usr/bin/who ( Warning ) (14:05:36) Warning: The file properties have changed: (14:05:36) File: /usr/bin/who (14:05:36) Current inode: 86037313 Stored inode: 54247728 (14:05:36) /usr/bin/whoami ( Warning ) (14:05:36) Warning: The file properties have changed: (14:05:36) File: /usr/bin/whoami (14:05:36) Current inode: 86037314 Stored inode: 54247775 (14:05:36) /usr/bin/mawk ( Warning ) (14:05:36) Warning: The file properties have changed: (14:05:36) File: /usr/bin/mawk (14:05:36) Current inode: 86037073 Stored inode: 54247905 (14:05:36) /usr/bin/lwp-request ( Warning ) (14:05:36) Warning: The file '/usr/bin/lwp-request' exists on the system, but it is not present in the rkhunter.dat file. (14:05:36) Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: perl script text executable (14:05:37) /usr/bin/lynx.stable ( Warning ) (14:05:37) Warning: The file properties have changed: (14:05:37) File: /usr/bin/lynx.stable (14:05:37) Current inode: 86037065 Stored inode: 54248690 (14:05:37) /usr/bin/w.procps ( Warning ) (14:05:37) Warning: The file properties have changed: (14:05:37) File: /usr/bin/w.procps (14:05:37) Current inode: 86037304 Stored inode: 54247702 (14:05:37) /sbin/depmod ( Warning ) (14:05:37) Warning: The file properties have changed: (14:05:37) File: /sbin/depmod (14:05:37) Current inode: 86036559 Stored inode: 54215606 (14:05:37) /sbin/ifconfig ( Warning ) (14:05:37) Warning: The file properties have changed: (14:05:37) File: /sbin/ifconfig (14:05:38) Current inode: 86036571 Stored inode: 54215618 (14:05:38) /sbin/ifdown ( Warning ) (14:05:38) Warning: The file properties have changed: (14:05:38) File: /sbin/ifdown (14:05:38) Current inode: 86036572 Stored inode: 54215611 (14:05:38) /sbin/ifup ( Warning ) (14:05:38) Warning: The file properties have changed: (14:05:38) File: /sbin/ifup (14:05:38) Current inode: 86036572 Stored inode: 54215611 (14:05:38) /sbin/init ( Warning ) (14:05:38) Warning: The file properties have changed: (14:05:38) File: /sbin/init (14:05:38) Current inode: 86036573 Stored inode: 54215254 (14:05:38) /sbin/insmod ( Warning ) (14:05:38) Warning: The file properties have changed: (14:05:38) File: /sbin/insmod (14:05:38) Current inode: 86036575 Stored inode: 54215574 (14:05:39) /sbin/lsmod ( Warning ) (14:05:39) Warning: The file properties have changed: (14:05:39) File: /sbin/lsmod (14:05:39) Current inode: 86033356 Stored inode: 54215579 (14:05:39) /sbin/modinfo ( Warning ) (14:05:39) Warning: The file properties have changed: (14:05:39) File: /sbin/modinfo (14:05:39) Current inode: 86036597 Stored inode: 54215600 (14:05:39) /sbin/modprobe ( Warning ) (14:05:39) Warning: The file properties have changed: (14:05:39) File: /sbin/modprobe (14:05:39) Current inode: 86036598 Stored inode: 54215581 (14:05:39) /sbin/rmmod ( Warning ) (14:05:39) Warning: The file properties have changed: (14:05:39) File: /sbin/rmmod (14:05:39) Current inode: 86036607 Stored inode: 54215619 (14:05:40) /sbin/runlevel ( Warning ) (14:05:40) Warning: The file properties have changed: (14:05:40) File: /sbin/runlevel (14:05:40) Current inode: 86036609 Stored inode: 54215259 (14:05:40) /sbin/sulogin ( Warning ) (14:05:40) Warning: The file properties have changed: (14:05:40) File: /sbin/sulogin (14:05:40) Current inode: 86036616 Stored inode: 54215308 (14:05:40) /sbin/sysctl ( Warning ) (14:05:40) Warning: The file properties have changed: (14:05:40) File: /sbin/sysctl (14:05:40) Current inode: 86036618 Stored inode: 54215573 (14:05:40) /sbin/syslogd ( Warning ) (14:05:40) Warning: The file properties have changed: (14:05:40) File: /sbin/syslogd (14:05:40) Current inode: 86036619 Stored inode: 54215597 (14:05:41) /usr/sbin/adduser ( Warning ) (14:05:41) Warning: The file properties have changed: (14:05:41) File: /usr/sbin/adduser (14:05:41) Current inode: 86043333 Stored inode: 54218263 (14:05:41) Warning: The command '/usr/sbin/adduser' has been replaced by a script: /usr/sbin/adduser: perl script text executable (14:05:41) /usr/sbin/chroot ( Warning ) (14:05:41) Warning: The file properties have changed: (14:05:41) File: /usr/sbin/chroot (14:05:41) Current inode: 86043346 Stored inode: 54218255 (14:05:41) /usr/sbin/cron ( Warning ) (14:05:41) Warning: The file properties have changed: (14:05:41) File: /usr/sbin/cron (14:05:41) Current inode: 86043352 Stored inode: 54218287 (14:05:42) /usr/sbin/groupadd ( Warning ) (14:05:42) Warning: The file properties have changed: (14:05:42) File: /usr/sbin/groupadd (14:05:42) Current inode: 86043370 Stored inode: 54215889 (14:05:42) /usr/sbin/groupdel ( Warning ) (14:05:42) Warning: The file properties have changed: (14:05:42) File: /usr/sbin/groupdel (14:05:42) Current inode: 86043371 Stored inode: 54215980 (14:05:42) /usr/sbin/groupmod ( Warning ) (14:05:42) Warning: The file properties have changed: (14:05:42) File: /usr/sbin/groupmod (14:05:42) Current inode: 86043372 Stored inode: 54215977 (14:05:42) /usr/sbin/grpck ( Warning ) (14:05:42) Warning: The file properties have changed: (14:05:42) File: /usr/sbin/grpck (14:05:42) Current inode: 86043373 Stored inode: 54215968 (14:05:42) /usr/sbin/inetd ( Warning ) (14:05:42) Warning: The file properties have changed: (14:05:42) File: /usr/sbin/inetd (14:05:42) Current inode: 86043380 Stored inode: 54218291 (14:05:43) /usr/sbin/nologin ( Warning ) (14:05:43) Warning: The file properties have changed: (14:05:43) File: /usr/sbin/nologin (14:05:43) Current inode: 86043399 Stored inode: 54218046 (14:05:43) /usr/sbin/pwck ( Warning ) (14:05:43) Warning: The file properties have changed: (14:05:43) File: /usr/sbin/pwck (14:05:43) Current inode: 86043422 Stored inode: 54215970 (14:05:43) /usr/sbin/tcpd ( Warning ) (14:05:43) Warning: The file properties have changed: (14:05:43) File: /usr/sbin/tcpd (14:05:44) Current inode: 86043457 Stored inode: 54218309 (14:05:44) /usr/sbin/useradd ( Warning ) (14:05:44) Warning: The file properties have changed: (14:05:44) File: /usr/sbin/useradd (14:05:44) Current inode: 86043472 Stored inode: 54215971 (14:05:44) /usr/sbin/userdel ( Warning ) (14:05:44) Warning: The file properties have changed: (14:05:44) File: /usr/sbin/userdel (14:05:44) Current inode: 86043476 Stored inode: 54215887 (14:05:44) /usr/sbin/usermod ( Warning ) (14:05:44) Warning: The file properties have changed: (14:05:44) File: /usr/sbin/usermod (14:05:44) Current inode: 86043477 Stored inode: 54215979 (14:05:44) /usr/sbin/vipw ( Warning ) (14:05:44) Warning: The file properties have changed: (14:05:44) File: /usr/sbin/vipw (14:05:44) Current inode: 86043480 Stored inode: 54215975 (14:05:45) /usr/local/bin/rkhunter ( Warning ) (14:05:45) Warning: The file properties have changed: (14:05:45) File: /usr/local/bin/rkhunter (14:05:45) Current inode: 86043310 Stored inode: 54216814 (14:12:11) Have I a rootkit?
part 2 of the log Code: (14:12:11) Checking for rootkits... (14:12:11) Info: Starting test name 'rootkits' (14:12:11) (14:12:11) Performing check of known rootkit files and directories (14:12:11) Info: Starting test name 'known_rkts' (14:12:11) (14:12:11) Checking for 55808 Trojan - Variant A... (14:12:11) Checking for file '/tmp/.../r' ( Not found ) (14:12:11) Checking for file '/tmp/.../a' ( Not found ) (14:12:11) 55808 Trojan - Variant A ( Not found ) (14:12:11) (14:12:11) Checking for ADM Worm... (14:12:12) Checking for string 'w0rm' ( Not found ) (14:12:12) ADM Worm ( Not found ) (14:12:12) (14:12:12) Checking for AjaKit Rootkit... (14:12:12) Checking for file '/dev/tux/.addr' ( Not found ) (14:12:12) Checking for file '/dev/tux/.proc' ( Not found ) (14:12:12) Checking for file '/dev/tux/.file' ( Not found ) (14:12:12) Checking for file '/lib/.libgh-gh/cleaner' ( Not found ) (14:12:12) Checking for file '/lib/.libgh-gh/Patch/patch' ( Not found ) (14:12:12) Checking for file '/lib/.libgh-gh/sb0k' ( Not found ) (14:12:12) Checking for directory '/dev/tux' ( Not found ) (14:12:12) Checking for directory '/lib/.libgh-gh' ( Not found ) (14:12:12) AjaKit Rootkit ( Not found ) (14:12:12) (14:12:12) Checking for aPa Kit... (14:12:12) Checking for file '/usr/share/.aPa' ( Not found ) (14:12:12) aPa Kit ( Not found ) (14:12:12) (14:12:12) Checking for Apache Worm... (14:12:12) Checking for file '/bin/.log' ( Not found ) (14:12:12) Apache Worm ( Not found ) (14:12:12) (14:12:12) Checking for Ambient (ark) Rootkit... (14:12:12) Checking for file '/usr/lib/.ark?' ( Not found ) (14:12:12) Checking for file '/dev/ptyxx/.log' ( Not found ) (14:12:12) Checking for file '/dev/ptyxx/.file' ( Not found ) (14:12:12) Checking for directory '/dev/ptyxx' ( Not found ) (14:12:12) Ambient (ark) Rootkit ( Not found ) (14:12:12) (14:12:12) Checking for Balaur Rootkit... (14:12:13) Checking for file '/usr/lib/liblog.o' ( Not found ) (14:12:13) Checking for directory '/usr/lib/.kinetic' ( Not found ) (14:12:13) Checking for directory '/usr/lib/.egcs' ( Not found ) (14:12:13) Checking for directory '/usr/lib/.wormie' ( Not found ) (14:12:13) Balaur Rootkit ( Not found ) (14:12:13) (14:12:13) Checking for BeastKit Rootkit... (14:12:13) Checking for file '/usr/sbin/arobia' ( Not found ) (14:12:13) Checking for file '/usr/sbin/idrun' ( Not found ) (14:12:13) Checking for file '/usr/lib/elm/arobia/elm' ( Not found ) (14:12:13) Checking for file '/usr/lib/elm/arobia/elm/hk' ( Not found ) (14:12:13) Checking for file '/usr/lib/elm/arobia/elm/hk.pub' ( Not found ) (14:12:13) Checking for file '/usr/lib/elm/arobia/elm/sc' ( Not found ) (14:12:13) Checking for file '/usr/lib/elm/arobia/elm/sd.pp' ( Not found ) (14:12:13) Checking for file '/usr/lib/elm/arobia/elm/sdco' ( Not found ) (14:12:13) Checking for file '/usr/lib/elm/arobia/elm/srsd' ( Not found ) (14:12:13) Checking for directory '/lib/ldd.so/bktools' ( Not found ) (14:12:13) BeastKit Rootkit ( Not found ) (14:12:13) (14:12:13) Checking for beX2 Rootkit... (14:12:13) Checking for directory '/usr/include/bex' ( Not found ) (14:12:13) beX2 Rootkit ( Not found ) (14:12:13) (14:12:13) Checking for BOBKit Rootkit... (14:12:13) Checking for file '/usr/sbin/ntpsx' ( Not found ) (14:12:13) Checking for file '/usr/lib/.../ls' ( Not found ) (14:12:13) Checking for file '/usr/lib/.../netstat' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../lsof' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../uconf.inv' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../psr' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../find' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../pstree' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../slocate' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../du' ( Not found ) (14:12:14) Checking for file '/usr/lib/.../top' ( Not found ) (14:12:14) Checking for directory '/usr/lib/...' ( Not found ) (14:12:14) Checking for directory '/usr/lib/.../bkit-ssh' ( Not found ) (14:12:14) Checking for directory '/usr/lib/.bkit-' ( Not found ) (14:12:14) Checking for directory '/tmp/.bkp' ( Not found ) (14:12:14) BOBKit Rootkit ( Not found ) (14:12:14) (14:12:14) Checking for CiNIK Worm (Slapper.B variant)... (14:12:14) Checking for file '/tmp/.cinik' ( Not found ) (14:12:14) Checking for directory '/tmp/.font-unix/.cinik' ( Not found ) (14:12:14) CiNIK Worm (Slapper.B variant) ( Not found ) (14:12:14) (14:12:14) Checking for Danny-Boy's Abuse Kit... (14:12:14) Checking for file '/dev/mdev' ( Not found ) (14:12:15) Checking for file '/usr/lib/libX.a' ( Not found ) (14:12:15) Danny-Boy's Abuse Kit ( Not found ) (14:12:15) (14:12:15) Checking for Devil RootKit... (14:12:15) Checking for file '/var/lib/games/.src' ( Not found ) (14:12:15) Checking for file '/dev/dsx' ( Not found ) (14:12:15) Checking for file '/dev/caca' ( Not found ) (14:12:15) Devil RootKit ( Not found ) (14:12:15) (14:12:15) Checking for Dica-Kit Rootkit... (14:12:15) Checking for file '/lib/.sso' ( Not found ) (14:12:15) Checking for file '/lib/.so' ( Not found ) (14:12:15) Checking for file '/var/run/...dica/clean' ( Not found ) (14:12:15) Checking for file '/var/run/...dica/xl' ( Not found ) (14:12:15) Checking for file '/var/run/...dica/xdr' ( Not found ) (14:12:15) Checking for file '/var/run/...dica/psg' ( Not found ) (14:12:15) Checking for file '/var/run/...dica/secure' ( Not found ) (14:12:15) Checking for file '/var/run/...dica/rdx' ( Not found ) (14:12:15) Checking for file '/var/run/...dica/va' ( Not found ) (14:12:15) Checking for file '/var/run/...dica/cl.sh' ( Not found ) (14:12:15) Checking for file '/usr/bin/.etc' ( Not found ) (14:12:15) Checking for directory '/var/run/...dica' ( Not found ) (14:12:15) Checking for directory '/var/run/...dica/mh' ( Not found ) (14:12:15) Checking for directory '/var/run/...dica/scan' ( Not found ) (14:12:15) Dica-Kit Rootkit ( Not found ) (14:12:15) (14:12:15) Checking for Dreams Rootkit... (14:12:15) Checking for file '/dev/ttyoa' ( Not found ) (14:12:16) Checking for file '/dev/ttyof' ( Not found ) (14:12:16) Checking for file '/dev/ttyop' ( Not found ) (14:12:16) Checking for file '/usr/bin/sense' ( Not found ) (14:12:16) Checking for file '/usr/bin/sl2' ( Not found ) (14:12:16) Checking for file '/usr/bin/logclear' ( Not found ) (14:12:16) Checking for file '/usr/bin/(swapd)' ( Not found ) (14:12:16) Checking for file '/usr/bin/snfs' ( Not found ) (14:12:16) Checking for file '/usr/lib/libsss' ( Not found ) (14:12:16) Checking for directory '/dev/ida/.hpd' ( Not found ) (14:12:16) Dreams Rootkit ( Not found ) (14:12:16) (14:12:16) Checking for Duarawkz Rootkit... (14:12:16) Checking for file '/usr/bin/duarawkz/loginpass' ( Not found ) (14:12:16) Checking for directory '/usr/bin/duarawkz' ( Not found ) (14:12:16) Duarawkz Rootkit ( Not found ) (14:12:16) (14:12:16) Checking for Enye LKM... (14:12:16) Checking for file '/etc/.enyelkmHIDE^IT.ko' ( Not found ) (14:12:16) Enye LKM ( Not found ) (14:12:16) (14:12:16) Checking for Flea Linux Rootkit... (14:12:16) Checking for file '/etc/ld.so.hash' ( Not found ) (14:12:16) Checking for file '/lib/security/.config/ssh/ssh_host_key' ( Not found ) (14:12:16) Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' ( Not found ) (14:12:16) Checking for file '/lib/security/.config/ssh/ssh_random_seed' ( Not found ) (14:12:16) Checking for file '/usr/bin/ssh2d' ( Not found ) (14:12:16) Checking for file '/usr/lib/ldlibns.so' ( Not found ) (14:12:17) Checking for file '/usr/lib/ldlibpst.so' ( Not found ) (14:12:17) Checking for file '/usr/lib/ldlibdu.so' ( Not found ) (14:12:17) Checking for file '/usr/lib/ldlibct.so' ( Not found ) (14:12:17) Checking for directory '/lib/security/.config/ssh' ( Not found ) (14:12:17) Checking for directory '/dev/..0' ( Not found ) (14:12:17) Checking for directory '/dev/..0/backup' ( Not found ) (14:12:17) Flea Linux Rootkit ( Not found ) (14:12:17) (14:12:17) Checking for FreeBSD Rootkit... (14:12:17) Checking for file '/usr/lib/.fx/sched_host.2' ( Not found ) (14:12:17) Checking for file '/usr/lib/.fx/random_d.2' ( Not found ) (14:12:17) Checking for file '/usr/lib/.fx/set_pid.2' ( Not found ) (14:12:17) Checking for file '/usr/lib/.fx/cons.saver' ( Not found ) (14:12:17) Checking for file '/usr/lib/.fx/adore/adore/adore.ko' ( Not found ) (14:12:17) Checking for file '/bin/sysback' ( Not found ) (14:12:17) Checking for file '/usr/local/bin/sysback' ( Not found ) (14:12:17) Checking for directory '/usr/lib/.fx' ( Not found ) (14:12:17) Checking for directory '/usr/lib/.fx/adore' ( Not found ) (14:12:17) FreeBSD Rootkit ( Not found ) (14:12:17) (14:12:17) Checking for mess`it Rootkit... (14:12:17) Checking for file '/dev/proc/fuckit/hax0r' ( Not found ) (14:12:17) Checking for file '/dev/proc/fuckit/hax0rshell' ( Not found ) (14:12:17) Checking for file '/dev/proc/fuckit/config/lports' ( Not found ) (14:12:17) Checking for file '/dev/proc/fuckit/config/rports' ( Not found ) (14:12:18) Checking for file '/dev/proc/fuckit/config/rkconf' ( Not found ) (14:12:18) Checking for file '/dev/proc/fuckit/config/password' ( Not found ) (14:12:18) Checking for file '/dev/proc/fuckit/config/progs' ( Not found ) (14:12:18) Checking for file '/dev/proc/system-bins/init' ( Not found ) (14:12:18) mess`it Rootkit ( Not found ) (14:12:18) (14:12:18) Checking for GasKit Rootkit... (14:12:18) Checking for file '/dev/dev/gaskit/sshd/sshdd' ( Not found ) (14:12:18) Checking for directory '/dev/dev' ( Not found ) (14:12:18) Checking for directory '/dev/dev/gaskit' ( Not found ) (14:12:18) Checking for directory '/dev/dev/gaskit/sshd' ( Not found ) (14:12:18) GasKit Rootkit ( Not found ) (14:12:18) (14:12:18) Checking for Heroin LKM... (14:12:18) Checking for kernel symbol 'heroin' ( Skipped ) (14:12:18) Heroin LKM ( Not found ) (14:12:18) (14:12:18) Checking for HjC Kit... (14:12:18) Checking for directory '/dev/.hijackerz' ( Not found ) (14:12:18) HjC Kit ( Not found ) (14:12:18) (14:12:18) Checking for ignoKit Rootkit... (14:12:18) Checking for file '/lib/defs/p' ( Not found ) (14:12:18) Checking for file '/lib/defs/q' ( Not found ) (14:12:18) Checking for file '/lib/defs/r' ( Not found ) (14:12:18) Checking for file '/lib/defs/s' ( Not found ) (14:12:18) Checking for file '/lib/defs/t' ( Not found ) (14:12:18) Checking for file '/usr/lib/defs/p' ( Not found ) (14:12:18) Checking for file '/usr/lib/defs/q' ( Not found ) (14:12:19) Checking for file '/usr/lib/defs/r' ( Not found ) (14:12:19) Checking for file '/usr/lib/defs/s' ( Not found ) (14:12:19) Checking for file '/usr/lib/defs/t' ( Not found ) (14:12:19) Checking for file '/usr/lib/.libigno/pkunsec' ( Not found ) (14:12:19) Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' ( Not found ) (14:12:19) Checking for directory '/usr/lib/.libigno' ( Not found ) (14:12:19) Checking for directory '/usr/lib/.libigno/.igno' ( Not found ) (14:12:19) ignoKit Rootkit ( Not found ) (14:12:19) (14:12:19) Checking for ImperalsS-FBRK Rootkit... (14:12:19) Checking for directory '/dev/fd/.88' ( Not found ) (14:12:19) Checking for directory '/dev/fd/.99' ( Not found ) (14:12:19) ImperalsS-FBRK Rootkit ( Not found ) (14:12:19) (14:12:19) Checking for IntoXonia-NG Rootkit... (14:12:19) Checking for kernel symbol 'funces' ( Skipped ) (14:12:19) Checking for kernel symbol 'ixinit' ( Skipped ) (14:12:19) Checking for kernel symbol 'tricks' ( Skipped ) (14:12:19) Checking for kernel symbol 'kernel_unlink' ( Skipped ) (14:12:19) Checking for kernel symbol 'rootme' ( Skipped ) (14:12:19) Checking for kernel symbol 'hide_module' ( Skipped ) (14:12:19) Checking for kernel symbol 'find_sys_call_tbl' ( Skipped ) (14:12:19) IntoXonia-NG Rootkit ( Not found ) (14:12:19) (14:12:19) Checking for Irix Rootkit... (14:12:19) Checking for directory '/dev/pts/01' ( Not found ) (14:12:19) Checking for directory '/dev/pts/01/backup' ( Not found ) (14:12:20) Checking for directory '/dev/pts/01/etc' ( Not found ) (14:12:20) Checking for directory '/dev/pts/01/tmp' ( Not found ) (14:12:20) Irix Rootkit ( Not found ) (14:12:20) (14:12:20) Checking for Kitko Rootkit... (14:12:20) Checking for directory '/usr/src/redhat/SRPMS/...' ( Not found ) (14:12:20) Kitko Rootkit ( Not found ) (14:12:20) (14:12:20) Checking for Knark Rootkit... (14:12:20) Checking for file '/proc/knark/pids' ( Not found ) (14:12:20) Checking for directory '/proc/knark' ( Not found ) (14:12:20) Knark Rootkit ( Not found ) (14:12:20) (14:12:20) Checking for Li0n Worm... (14:12:20) Checking for file '/bin/in.telnetd' ( Not found ) (14:12:20) Checking for file '/bin/mjy' ( Not found ) (14:12:20) Checking for file '/usr/man/man1/man1/lib/.lib/mjy' ( Not found ) (14:12:20) Checking for file '/usr/man/man1/man1/lib/.lib/in.telnetd' ( Not found ) (14:12:20) Checking for file '/usr/man/man1/man1/lib/.lib/.x' ( Not found ) (14:12:20) Checking for file '/dev/.lib/lib/scan/1i0n.sh' ( Not found ) (14:12:20) Checking for file '/dev/.lib/lib/scan/hack.sh' ( Not found ) (14:12:20) Checking for file '/dev/.lib/lib/scan/bind' ( Not found ) (14:12:20) Checking for file '/dev/.lib/lib/scan/randb' ( Not found ) (14:12:20) Checking for file '/dev/.lib/lib/scan/scan.sh' ( Not found ) (14:12:20) Checking for file '/dev/.lib/lib/scan/pscan' ( Not found ) (14:12:20) Checking for file '/dev/.lib/lib/scan/star.sh' ( Not found ) (14:12:20) Checking for file '/dev/.lib/lib/scan/bindx.sh' ( Not found ) (14:12:21) Checking for file '/dev/.lib/lib/scan/bindname.log' ( Not found ) (14:12:21) Checking for file '/dev/.lib/lib/1i0n.sh' ( Not found ) (14:12:21) Checking for file '/dev/.lib/lib/lib/netstat' ( Not found ) (14:12:21) Checking for file '/dev/.lib/lib/lib/dev/.1addr' ( Not found ) (14:12:21) Checking for file '/dev/.lib/lib/lib/dev/.1logz' ( Not found ) (14:12:21) Checking for file '/dev/.lib/lib/lib/dev/.1proc' ( Not found ) (14:12:21) Checking for file '/dev/.lib/lib/lib/dev/.1file' ( Not found ) (14:12:21) Li0n Worm ( Not found ) (14:12:21) (14:12:21) Checking for Lockit / LJK2 Rootkit... (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_config' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key.pub' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_random_seed*' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/sshd_config' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backdoor/RK1bd' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/du' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ifconfig' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/inetd.conf' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/locate' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/login' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ls' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/netstat' ( Not found ) (14:12:21) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ps' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/pstree' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/rc.sysinit' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/syslogd' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/tcpd' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/backup/top' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1sauber' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1wted' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1parser' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1sniff' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1addr' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1dir' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1log' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1proc' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/hide/RK1phidemod.c' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/modules/README.modules' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1hidem.c' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1phide' ( Not found ) (14:12:22) Checking for file '/usr/lib/libmen.oo/.LJK2/sshconfig/RK1ssh' ( Not found ) (14:12:22) Checking for directory '/usr/lib/libmen.oo/.LJK2' ( Not found ) (14:12:22) Lockit / LJK2 Rootkit ( Not found ) (14:12:22) (14:12:22) Checking for Mood-NT Rootkit... (14:12:22) Checking for file '/sbin/init__mood-nt-_-_cthulhu' ( Not found ) (14:12:22) Checking for file '/_cthulhu/mood-nt.init' ( Not found ) (14:12:23) Checking for file '/_cthulhu/mood-nt.conf' ( Not found ) (14:12:23) Checking for file '/_cthulhu/mood-nt.sniff' ( Not found ) (14:12:23) Checking for directory '/_cthulhu' ( Not found ) (14:12:23) Mood-NT Rootkit ( Not found ) (14:12:23) (14:12:23) Checking for MRK Rootkit... (14:12:23) Checking for file '/dev/ida/.inet/pid' ( Not found ) (14:12:23) Checking for file '/dev/ida/.inet/ssh_host_key' ( Not found ) (14:12:23) Checking for file '/dev/ida/.inet/ssh_random_seed' ( Not found ) (14:12:23) Checking for file '/dev/ida/.inet/tcp.log' ( Not found ) (14:12:23) Checking for directory '/dev/ida/.inet' ( Not found ) (14:12:23) Checking for directory '/var/spool/cron/.sh' ( Not found ) (14:12:23) MRK Rootkit ( Not found ) (14:12:23) (14:12:23) Checking for Ni0 Rootkit... (14:12:23) Checking for file '/var/lock/subsys/...datafile.../...net...' ( Not found ) (14:12:23) Checking for file '/var/lock/subsys/...datafile.../...port...' ( Not found ) (14:12:23) Checking for file '/var/lock/subsys/...datafile.../...ps...' ( Not found ) (14:12:23) Checking for file '/var/lock/subsys/...datafile.../...file...' ( Not found ) (14:12:23) Checking for directory '/tmp/waza' ( Not found ) (14:12:23) Checking for directory '/var/lock/subsys/...datafile...' ( Not found ) (14:12:23) Checking for directory '/usr/sbin/es' ( Not found ) (14:12:23) Ni0 Rootkit ( Not found ) (14:12:23) (14:12:23) Checking for Ohhara Rootkit... (14:12:23) Checking for file '/var/lock/subsys/...datafile.../...datafile.../in.smbd.log' ( Not found ) (14:12:23) Checking for directory '/var/lock/subsys/...datafile...' ( Not found ) (14:12:24) Checking for directory '/var/lock/subsys/...datafile.../...datafile...' ( Not found ) (14:12:24) Checking for directory '/var/lock/subsys/...datafile.../...datafile.../bin' ( Not found ) (14:12:24) Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/bin' ( Not found ) (14:12:24) Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/sbin' ( Not found ) (14:12:24) Checking for directory '/var/lock/subsys/...datafile.../...datafile.../lib/security' ( Not found ) (14:12:24) Ohhara Rootkit ( Not found ) (14:12:24) (14:12:24) Checking for Optic Kit (Tux) Worm... (14:12:24) Checking for directory '/dev/tux' ( Not found ) (14:12:24) Checking for directory '/usr/bin/xchk' ( Not found ) (14:12:24) Checking for directory '/usr/bin/xsf' ( Not found ) (14:12:24) Checking for directory '/usr/bin/ssh2d' ( Not found ) (14:12:24) Optic Kit (Tux) Worm ( Not found ) (14:12:24) (14:12:24) Checking for Oz Rootkit... (14:12:24) Checking for file '/dev/.oz/.nap/rkit/terror' ( Not found ) (14:12:24) Checking for directory '/dev/.oz' ( Not found ) (14:12:24) Oz Rootkit ( Not found ) (14:12:24) (14:12:24) Checking for Phalanx Rootkit... (14:12:24) Checking for file '/usr/share/.home.ph1/cb' ( Not found ) (14:12:24) Checking for file '/etc/host.ph1' ( Not found ) (14:12:24) Checking for file '/bin/host.ph1' ( Not found ) (14:12:24) Checking for file '/usr/share/.home.ph1/phalanx' ( Not found ) (14:12:24) Checking for directory '/usr/share/.home.ph1' ( Not found ) (14:12:24) Phalanx Rootkit ( Not found ) (14:12:24) (14:12:24) Checking for Phalanx Rootkit (strings)... (14:12:25) Checking for string 'phalanx' ( Not found ) (14:12:25) Phalanx Rootkit (strings) ( Not found ) (14:12:25) (14:12:25) Checking for Phalanx2 Rootkit... (14:12:25) Checking for file '/etc/khubd.p2/.p2rc' ( Not found ) (14:12:25) Checking for file '/etc/khubd.p2/.phalanx2' ( Not found ) (14:12:25) Checking for file '/etc/khubd.p2/.sniff' ( Not found ) (14:12:25) Checking for file '/etc/khubd.p2/sshgrab.py' ( Not found ) (14:12:25) Checking for file '/etc/lolzz.p2/.p2rc' ( Not found ) (14:12:25) Checking for file '/etc/lolzz.p2/.phalanx2' ( Not found ) (14:12:25) Checking for file '/etc/lolzz.p2/.sniff' ( Not found ) (14:12:25) Checking for file '/etc/lolzz.p2/sshgrab.py' ( Not found ) (14:12:25) Checking for directory '/etc/khubd.p2' ( Not found ) (14:12:25) Checking for directory '/etc/lolzz.p2' ( Not found ) (14:12:25) Phalanx2 Rootkit ( Not found ) (14:12:25) (14:12:25) Checking for Phalanx2 Rootkit (extended tests)... (14:12:25) Checking for directory '/etc/khubd.p2' ( Not found ) (14:12:25) Checking for directory '/etc/lolzz.p2' ( Not found ) (14:12:25) Phalanx2 Rootkit (extended tests) ( Not found ) (14:12:25) (14:12:25) Checking for Portacelo Rootkit... (14:12:25) Checking for file '/var/lib/.../.ak' ( Not found ) (14:12:25) Checking for file '/var/lib/.../.hk' ( Not found ) (14:12:25) Checking for file '/var/lib/.../.rs' ( Not found ) (14:12:25) Checking for file '/var/lib/.../.p' ( Not found ) (14:12:25) Checking for file '/var/lib/.../getty' ( Not found ) (14:12:26) Checking for file '/var/lib/.../lkt.o' ( Not found ) (14:12:26) Checking for file '/var/lib/.../show' ( Not found ) (14:12:26) Checking for file '/var/lib/.../nlkt.o' ( Not found ) (14:12:26) Checking for file '/var/lib/.../ssshrc' ( Not found ) (14:12:26) Checking for file '/var/lib/.../sssh_equiv' ( Not found ) (14:12:26) Checking for file '/var/lib/.../sssh_known_hosts' ( Not found ) (14:12:26) Checking for file '/var/lib/.../sssh_pid' ( Not found ) (14:12:26) Checking for file '~/.sssh/known_hosts' ( Not found ) (14:12:26) Portacelo Rootkit ( Not found ) (14:12:26) (14:12:26) Checking for R3dstorm Toolkit... (14:12:26) Checking for file '/var/log/tk02/see_all' ( Not found ) (14:12:26) Checking for file '/bin/.../sshd/sbin/sshd1' ( Not found ) (14:12:26) Checking for file '/bin/.../hate/sk' ( Not found ) (14:12:26) Checking for file '/bin/.../see_all' ( Not found ) (14:12:26) Checking for directory '/var/log/tk02' ( Not found ) (14:12:26) Checking for directory '/var/log/tk02/old' ( Not found ) (14:12:26) Checking for directory '/bin/...' ( Not found ) (14:12:26) R3dstorm Toolkit ( Not found ) (14:12:26) (14:12:26) Checking for RH-Sharpe's Rootkit... (14:12:26) Checking for file '/bin/lps' ( Not found ) (14:12:26) Checking for file '/usr/bin/lpstree' ( Not found ) (14:12:26) Checking for file '/usr/bin/ltop' ( Not found ) (14:12:26) Checking for file '/usr/bin/lkillall' ( Not found ) (14:12:27) Checking for file '/usr/bin/ldu' ( Not found ) (14:12:27) Checking for file '/usr/bin/lnetstat' ( Not found ) (14:12:27) Checking for file '/usr/bin/wp' ( Not found ) (14:12:27) Checking for file '/usr/bin/shad' ( Not found ) (14:12:27) Checking for file '/usr/bin/vadim' ( Not found ) (14:12:27) Checking for file '/usr/bin/slice' ( Not found ) (14:12:27) Checking for file '/usr/bin/cleaner' ( Not found ) (14:12:27) Checking for file '/usr/include/rpcsvc/du' ( Not found ) (14:12:27) RH-Sharpe's Rootkit ( Not found ) (14:12:27) (14:12:27) Checking for RSHA's Rootkit... (14:12:27) Checking for file '/bin/kr4p' ( Not found ) (14:12:27) Checking for file '/usr/bin/n3tstat' ( Not found ) (14:12:27) Checking for file '/usr/bin/chsh2' ( Not found ) (14:12:27) Checking for file '/usr/bin/slice2' ( Not found ) (14:12:27) Checking for file '/usr/src/linux/arch/alpha/lib/.lib/.1proc' ( Not found ) (14:12:27) Checking for file '/etc/rc.d/arch/alpha/lib/.lib/.1addr' ( Not found ) (14:12:27) Checking for directory '/etc/rc.d/rsha' ( Not found ) (14:12:27) Checking for directory '/etc/rc.d/arch/alpha/lib/.lib' ( Not found ) (14:12:27) RSHA's Rootkit ( Not found ) (14:12:27) (14:12:27) Checking for Scalper Worm... (14:12:27) Checking for file '/tmp/.a' ( Not found ) (14:12:27) Checking for file '/tmp/.uua' ( Not found ) (14:12:27) Scalper Worm ( Not found ) (14:12:28) (14:12:28) Checking for Sebek LKM... (14:12:28) Checking for kernel symbol 'adore or sebek' ( Skipped ) (14:12:28) Sebek LKM ( Not found ) (14:12:28) (14:12:28) Checking for Shutdown Rootkit... (14:12:28) Checking for file '/usr/man/man5/.. /.dir/scannah/asus' ( Not found ) (14:12:28) Checking for file '/usr/man/man5/.. /.dir/see' ( Not found ) (14:12:28) Checking for file '/usr/man/man5/.. /.dir/nscd' ( Not found ) (14:12:28) Checking for file '/usr/man/man5/.. /.dir/alpd' ( Not found ) (14:12:28) Checking for file '/etc/rc.d/rc.local ' ( Not found ) (14:12:28) Checking for directory '/usr/man/man5/.. /.dir' ( Not found ) (14:12:28) Checking for directory '/usr/man/man5/.. /.dir/scannah' ( Not found ) (14:12:28) Checking for directory '/etc/rc.d/rc0.d/.. /.dir' ( Not found ) (14:12:28) Shutdown Rootkit ( Not found ) (14:12:28) (14:12:28) Checking for SHV4 Rootkit... (14:12:28) Checking for file '/etc/ld.so.hash' ( Not found ) (14:12:28) Checking for file '/lib/libext-2.so.7' ( Not found ) (14:12:28) Checking for file '/lib/lidps1.so' ( Not found ) (14:12:28) Checking for file '/usr/sbin/xntps' ( Not found ) (14:12:28) Checking for directory '/lib/security/.config' ( Not found ) (14:12:28) Checking for directory '/lib/security/.config/ssh' ( Not found ) (14:12:28) SHV4 Rootkit ( Not found ) (14:12:28) (14:12:28) Checking for SHV5 Rootkit... (14:12:28) Checking for file '/etc/sh.conf' ( Not found ) (14:12:28) Checking for file '/dev/srd0' ( Not found ) (14:12:29) Checking for directory '/usr/lib/libsh' ( Not found ) (14:12:29) SHV5 Rootkit ( Not found ) (14:12:29) (14:12:29) Checking for Sin Rootkit... (14:12:29) Checking for file '/dev/.haos/haos1/.f/Denyed' ( Not found ) (14:12:29) Checking for file '/dev/ttyoa' ( Not found ) (14:12:29) Checking for file '/dev/ttyof' ( Not found ) (14:12:29) Checking for file '/dev/ttyop' ( Not found ) (14:12:29) Checking for file '/dev/ttyos' ( Not found ) (14:12:29) Checking for file '/usr/lib/.lib' ( Not found ) (14:12:29) Checking for file '/usr/lib/sn/.X' ( Not found ) (14:12:29) Checking for file '/usr/lib/sn/.sys' ( Not found ) (14:12:29) Checking for file '/usr/lib/ld/.X' ( Not found ) (14:12:29) Checking for file '/usr/man/man1/...' ( Not found ) (14:12:29) Checking for file '/usr/man/man1/.../.m' ( Not found ) (14:12:29) Checking for file '/usr/man/man1/.../.w' ( Not found ) (14:12:29) Checking for directory '/usr/lib/sn' ( Not found ) (14:12:29) Checking for directory '/usr/lib/man1/...' ( Not found ) (14:12:29) Checking for directory '/dev/.haos' ( Not found ) (14:12:29) Sin Rootkit ( Not found ) (14:12:29) (14:12:29) Checking for Slapper Worm... (14:12:29) Checking for file '/tmp/.bugtraq' ( Not found ) (14:12:29) Checking for file '/tmp/.uubugtraq' ( Not found ) (14:12:29) Checking for file '/tmp/.bugtraq.c' ( Not found ) (14:12:30) Checking for file '/tmp/httpd' ( Not found ) (14:12:30) Checking for file '/tmp/.unlock' ( Not found ) (14:12:30) Checking for file '/tmp/update' ( Not found ) (14:12:30) Checking for file '/tmp/.cinik' ( Not found ) (14:12:30) Checking for file '/tmp/.b' ( Not found ) (14:12:30) Slapper Worm ( Not found ) (14:12:30) (14:12:30) Checking for Sneakin Rootkit... (14:12:30) Checking for directory '/tmp/.X11-unix/.../rk' ( Not found ) (14:12:30) Sneakin Rootkit ( Not found ) (14:12:30) (14:12:30) Checking for Suckit Rootkit... (14:12:30) Checking for file '/sbin/initsk12' ( Not found ) (14:12:30) Checking for file '/sbin/initxrk' ( Not found ) (14:12:30) Checking for file '/usr/bin/null' ( Not found ) (14:12:30) Checking for file '/usr/share/locale/sk/.sk12/sk' ( Not found ) (14:12:30) Checking for file '/etc/rc.d/rc0.d/S23kmdac' ( Not found ) (14:12:30) Checking for file '/etc/rc.d/rc1.d/S23kmdac' ( Not found ) (14:12:30) Checking for file '/etc/rc.d/rc2.d/S23kmdac' ( Not found ) (14:12:30) Checking for file '/etc/rc.d/rc3.d/S23kmdac' ( Not found ) (14:12:30) Checking for file '/etc/rc.d/rc4.d/S23kmdac' ( Not found ) (14:12:30) Checking for file '/etc/rc.d/rc5.d/S23kmdac' ( Not found ) (14:12:30) Checking for file '/etc/rc.d/rc6.d/S23kmdac' ( Not found ) (14:12:30) Checking for directory '/dev/sdhu0/tehdrakg' ( Not found ) (14:12:30) Checking for directory '/etc/.MG' ( Not found ) (14:12:30) Checking for directory '/usr/share/locale/sk/.sk12' ( Not found ) (14:12:31) Checking for directory '/usr/lib/perl5/site_perl/i386-linux/auto/TimeDate/.packlist' ( Not found ) (14:12:31) Suckit Rootkit ( Not found ) (14:12:31) (14:12:31) Checking for SunOS Rootkit... (14:12:31) Checking for file '/etc/ld.so.hash' ( Not found ) (14:12:31) Checking for file '/lib/libext-2.so.7' ( Not found ) (14:12:31) Checking for file '/usr/bin/ssh2d' ( Not found ) (14:12:31) Checking for file '/bin/xlogin' ( Not found ) (14:12:31) Checking for file '/usr/lib/crth.o' ( Not found ) (14:12:31) Checking for file '/usr/lib/crtz.o' ( Not found ) (14:12:31) Checking for file '/sbin/login' ( Not found ) (14:12:31) Checking for file '/lib/security/.config/sn' ( Not found ) (14:12:31) Checking for file '/lib/security/.config/lpsched' ( Not found ) (14:12:31) Checking for file '/dev/kmod' ( Not found ) (14:12:31) Checking for file '/dev/dos' ( Not found ) (14:12:31) SunOS Rootkit ( Not found ) (14:12:31) (14:12:31) Checking for SunOS / NSDAP Rootkit... (14:12:31) Checking for file '/usr/lib/vold/nsdap/.kit' ( Not found ) (14:12:31) Checking for file '/usr/lib/vold/nsdap/defines' ( Not found ) (14:12:31) Checking for file '/usr/lib/vold/nsdap/patcher' ( Not found ) (14:12:31) Checking for file '/usr/lib/vold/nsdap/pg' ( Not found ) (14:12:31) Checking for file '/usr/lib/vold/nsdap/cleaner' ( Not found ) (14:12:31) Checking for file '/usr/lib/vold/nsdap/utime' ( Not found ) (14:12:31) Checking for file '/usr/lib/vold/nsdap/crypt' ( Not found ) (14:12:32) Checking for file '/usr/lib/vold/nsdap/findkit' ( Not found ) (14:12:32) Checking for file '/usr/lib/vold/nsdap/sn2' ( Not found ) (14:12:32) Checking for file '/usr/lib/vold/nsdap/sniffload' ( Not found ) (14:12:32) Checking for file '/usr/lib/vold/nsdap/runsniff' ( Not found ) (14:12:32) Checking for file '/usr/lib/lpset' ( Not found ) (14:12:32) Checking for directory '/usr/lib/vold/nsdap' ( Not found ) (14:12:32) SunOS / NSDAP Rootkit ( Not found )
part 3 of the log Code: (14:12:32) (14:12:32) Checking for Superkit Rootkit... (14:12:32) Checking for file '/usr/man/.sman/sk' ( Not found ) (14:12:32) Superkit Rootkit ( Not found ) (14:12:32) (14:12:32) Checking for TBD (Telnet BackDoor)... (14:12:32) Checking for file '/usr/lib/.tbd' ( Not found ) (14:12:32) TBD (Telnet BackDoor) ( Not found ) (14:12:32) (14:12:32) Checking for TeLeKiT Rootkit... (14:12:32) Checking for file '/usr/man/man3/.../TeLeKiT/bin/sniff' ( Not found ) (14:12:32) Checking for file '/usr/man/man3/.../TeLeKiT/bin/telnetd' ( Not found ) (14:12:32) Checking for file '/usr/man/man3/.../TeLeKiT/bin/teleulo' ( Not found ) (14:12:32) Checking for file '/usr/man/man3/.../cl' ( Not found ) (14:12:32) Checking for file '/dev/ptyr' ( Not found ) (14:12:32) Checking for file '/dev/ptyp' ( Not found ) (14:12:32) Checking for file '/dev/ptyq' ( Not found ) (14:12:32) Checking for file '/dev/hda06' ( Not found ) (14:12:32) Checking for file '/usr/info/libc1.so' ( Not found ) (14:12:33) Checking for directory '/usr/man/man3/...' ( Not found ) (14:12:33) Checking for directory '/usr/man/man3/.../lsniff' ( Not found ) (14:12:33) Checking for directory '/usr/man/man3/.../TeLeKiT' ( Not found ) (14:12:33) TeLeKiT Rootkit ( Not found ) (14:12:33) (14:12:33) Checking for T0rn Rootkit... (14:12:33) Checking for file '/dev/.lib/lib/lib/t0rns' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/du' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/ls' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/t0rnsb' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/ps' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/t0rnp' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/find' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/ifconfig' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/pg' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/ssh.tgz' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/top' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/sz' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/login' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/in.fingerd' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/1i0n.sh' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/pstree' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/in.telnetd' ( Not found ) (14:12:33) Checking for file '/dev/.lib/lib/lib/mjy' ( Not found ) (14:12:34) Checking for file '/dev/.lib/lib/lib/sush' ( Not found ) (14:12:34) Checking for file '/dev/.lib/lib/lib/tfn' ( Not found ) (14:12:34) Checking for file '/dev/.lib/lib/lib/name' ( Not found ) (14:12:34) Checking for file '/dev/.lib/lib/lib/getip.sh' ( Not found ) (14:12:34) Checking for file '/usr/info/.torn/sh*' ( Not found ) (14:12:34) Checking for file '/usr/src/.puta/.1addr' ( Not found ) (14:12:34) Checking for file '/usr/src/.puta/.1file' ( Not found ) (14:12:34) Checking for file '/usr/src/.puta/.1proc' ( Not found ) (14:12:34) Checking for file '/usr/src/.puta/.1logz' ( Not found ) (14:12:34) Checking for file '/usr/info/.t0rn' ( Not found ) (14:12:34) Checking for directory '/dev/.lib' ( Not found ) (14:12:34) Checking for directory '/dev/.lib/lib' ( Not found ) (14:12:34) Checking for directory '/dev/.lib/lib/lib' ( Not found ) (14:12:34) Checking for directory '/dev/.lib/lib/lib/dev' ( Not found ) (14:12:34) Checking for directory '/dev/.lib/lib/scan' ( Not found ) (14:12:34) Checking for directory '/usr/src/.puta' ( Not found ) (14:12:34) Checking for directory '/usr/man/man1/man1' ( Not found ) (14:12:34) Checking for directory '/usr/man/man1/man1/lib' ( Not found ) (14:12:34) Checking for directory '/usr/man/man1/man1/lib/.lib' ( Not found ) (14:12:34) Checking for directory '/usr/man/man1/man1/lib/.lib/.backup' ( Not found ) (14:12:34) T0rn Rootkit ( Not found ) (14:12:34) (14:12:34) Checking for Trojanit Kit... (14:12:34) Checking for file '/bin/.ls' ( Not found ) (14:12:35) Checking for file '/bin/.ps' ( Not found ) (14:12:35) Checking for file '/bin/.netstat' ( Not found ) (14:12:35) Checking for file '/usr/bin/.nop' ( Not found ) (14:12:35) Checking for file '/usr/bin/.who' ( Not found ) (14:12:35) Trojanit Kit ( Not found ) (14:12:35) (14:12:35) Checking for Tuxtendo Rootkit... (14:12:35) Checking for file '/dev/tux/.addr' ( Not found ) (14:12:35) Checking for file '/dev/tux/.cron' ( Not found ) (14:12:35) Checking for file '/dev/tux/.file' ( Not found ) (14:12:35) Checking for file '/dev/tux/.log' ( Not found ) (14:12:35) Checking for file '/dev/tux/.proc' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/crontab' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/df' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/dir' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/find' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/ifconfig' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/locate' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/netstat' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/ps' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/pstree' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/syslogd' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/tcpd' ( Not found ) (14:12:35) Checking for file '/dev/tux/backup/top' ( Not found ) (14:12:36) Checking for file '/dev/tux/backup/updatedb' ( Not found ) (14:12:36) Checking for file '/dev/tux/backup/vdir' ( Not found ) (14:12:36) Checking for directory '/dev/tux' ( Not found ) (14:12:36) Checking for directory '/dev/tux/ssh2' ( Not found ) (14:12:36) Checking for directory '/dev/tux/backup' ( Not found ) (14:12:36) Tuxtendo Rootkit ( Not found ) (14:12:36) (14:12:36) Checking for URK Rootkit... (14:12:36) Checking for file '/usr/man/man1/xxxxxxbin/find' ( Not found ) (14:12:36) Checking for file '/usr/man/man1/xxxxxxbin/du' ( Not found ) (14:12:36) Checking for file '/usr/man/man1/xxxxxxbin/ps' ( Not found ) (14:12:36) Checking for file '/tmp/conf.inf' ( Not found ) (14:12:36) Checking for directory '/usr/man/man1/xxxxxxbin' ( Not found ) (14:12:36) URK Rootkit ( Not found ) (14:12:36) (14:12:36) Checking for Vampire Rootkit... (14:12:36) Checking for kernel symbol 'new_getdents' ( Skipped ) (14:12:36) Checking for kernel symbol 'old_getdents' ( Skipped ) (14:12:36) Checking for kernel symbol 'should_hide_file_name' ( Skipped ) (14:12:36) Checking for kernel symbol 'should_hide_task_name' ( Skipped ) (14:12:36) Vampire Rootkit ( Not found ) (14:12:36) (14:12:36) Checking for VcKit Rootkit... (14:12:36) Checking for directory '/usr/include/linux/modules/lib.so' ( Not found ) (14:12:36) Checking for directory '/usr/include/linux/modules/lib.so/bin' ( Not found ) (14:12:36) VcKit Rootkit ( Not found ) (14:12:36) (14:12:36) Checking for Volc Rootkit... (14:12:37) Checking for directory '/var/spool/.recent' ( Not found ) (14:12:37) Checking for directory '/var/spool/.recent/.files' ( Not found ) (14:12:37) Checking for directory '/usr/lib/volc' ( Not found ) (14:12:37) Checking for directory '/usr/lib/volc/backup' ( Not found ) (14:12:37) Volc Rootkit ( Not found ) (14:12:37) (14:12:37) Checking for X-Org SunOS Rootkit... (14:12:37) Checking for file '/usr/lib/libX.a/bin/tmpfl' ( Not found ) (14:12:37) Checking for file '/usr/lib/libX.a/bin/rps' ( Not found ) (14:12:37) Checking for file '/usr/bin/srload' ( Not found ) (14:12:37) Checking for file '/usr/lib/libX.a/bin/sparcv7/rps' ( Not found ) (14:12:37) Checking for file '/usr/sbin/modcheck' ( Not found ) (14:12:37) Checking for directory '/usr/lib/libX.a' ( Not found ) (14:12:37) Checking for directory '/usr/lib/libX.a/bin' ( Not found ) (14:12:37) Checking for directory '/usr/lib/libX.a/bin/sparcv7' ( Not found ) (14:12:37) Checking for directory '/usr/share/man...' ( Not found ) (14:12:37) X-Org SunOS Rootkit ( Not found ) (14:12:37) (14:12:37) Checking for zaRwT.KiT Rootkit... (14:12:37) Checking for file '/dev/rd/s/sendmeil' ( Not found ) (14:12:37) Checking for file '/dev/ttyf' ( Not found ) (14:12:37) Checking for file '/dev/ttyp' ( Not found ) (14:12:37) Checking for file '/dev/ttyn' ( Not found ) (14:12:37) Checking for file '/rk/tulz' ( Not found ) (14:12:37) Checking for directory '/rk' ( Not found ) (14:12:37) Checking for directory '/dev/rd/s' ( Not found ) (14:12:38) zaRwT.KiT Rootkit ( Not found ) (14:12:38) (14:12:38) Performing additional rootkit checks (14:12:38) Info: Starting test name 'additional_rkts' (14:12:38) (14:12:38) Performing Suckit Rookit additional checks (14:12:38) Checking hard link count on '/sbin/init' ( OK ) (14:12:38) Checking for hidden file extensions ( None found ) (14:12:38) Running skdet command ( Skipped ) (14:12:38) Info: Unable to find the 'skdet' command (14:12:38) Suckit Rookit additional checks ( OK ) (14:12:38) (14:12:38) Performing check of possible rootkit files and directories (14:12:38) Info: Starting test name 'possible_rkt_files' (14:12:38) Checking for file '/dev/sdr0' ( Not found ) (14:12:38) Checking for file '/tmp/.syshackfile' ( Not found ) (14:12:38) Checking for file '/tmp/.bash_history' ( Not found ) (14:12:38) Checking for file '/usr/info/.clib' ( Not found ) (14:12:38) Checking for file '/usr/sbin/tcp.log' ( Not found ) (14:12:38) Checking for file '/usr/bin/take/pid' ( Not found ) (14:12:38) Checking for file '/sbin/create' ( Not found ) (14:12:38) Checking for file '/dev/ttypz' ( Not found ) (14:12:38) Checking for directory '/usr/bin/take' ( Not found ) (14:12:38) Checking for directory '/usr/src/.lib' ( Not found ) (14:12:39) Checking for directory '/usr/share/man/man1/.1c' ( Not found ) (14:12:39) Checking for directory '/lib/lblip.tk' ( Not found ) (14:12:39) Checking for directory '/usr/sbin/...' ( Not found ) (14:12:39) Checking for directory '/usr/share/.gun' ( Not found ) (14:12:39) Checking for possible rootkit files and directories ( None found ) (14:12:39) (14:12:39) Performing check for possible rootkit strings (14:12:39) Info: Starting test name 'possible_rkt_strings' (14:12:39) Info: Using system startup paths: /etc/rc.local /etc/init.d /etc/inittab (14:12:39) Checking for string '/dev/proc/fuckit' ( Not found ) (14:12:39) Checking for string 'mess' ( Not found ) (14:12:39) Checking for string 'backdoor' ( Not found ) (14:12:39) Checking for string 'vt200' ( Not found ) (14:12:39) Checking for string '/usr/bin/xstat' ( Not found ) (14:12:39) Checking for string '/bin/envpc' ( Not found ) (14:12:39) Checking for string 'L4m3r0x' ( Not found ) (14:12:39) Checking for string '/usr/lib/.tbd' ( Not found ) (14:12:39) Checking for string '/dev/ptyxx/.file' ( Not found ) (14:12:40) Checking for string '/dev/sgk' ( Not found ) (14:12:40) Checking for string '/var/lock/subsys/...datafile...' ( Not found ) (14:12:40) Checking for string '/usr/lib/.tbd' ( Not found ) (14:12:40) Checking for string '/dev/proc/fuckit' ( Not found ) (14:12:40) Checking for string '/lib/.sso' ( Not found ) (14:12:40) Checking for string '/var/lock/subsys/...datafile...' ( Not found ) (14:12:40) Checking for string '/dev/caca' ( Not found ) (14:12:40) Checking for string '/dev/ttyoa' ( Not found ) (14:12:40) Checking for string 'syg' ( Not found ) (14:12:40) Checking for string '/dev/pts/01' ( Not found ) (14:12:40) Checking for string 'tw33dl3' ( Not found ) (14:12:40) Checking for string 'psniff' ( Not found ) (14:12:40) Checking for string '/var/lock/subsys/...datafile...' ( Not found ) (14:12:40) Checking for string '/dev/ptyxx' ( Not found ) (14:12:41) Checking for string 'promiscuous' ( Not found ) (14:12:41) Checking for string '/usr/lib/.tbd' ( Not found ) (14:12:41) Checking for string '/dev/xdta' ( Not found ) (14:12:41) Checking for string '/usr/lib/.tbd' ( Not found ) (14:12:41) Checking for string 'in.inetd' ( Not found ) (14:12:41) Checking for string '#<HIDE_.*>' ( Not found ) (14:12:42) Checking for string 'bin/xchk' ( Not found ) (14:12:42) Checking for string 'bin/xsf' ( Not found ) (14:12:42) Checking for possible rootkit strings ( None found ) (14:12:42) (14:12:42) Performing malware checks (14:12:42) Info: Starting test name 'malware' (14:12:42) (14:12:42) Info: Test 'deleted_files' disabled at users request. (14:12:42) Info: Starting test name 'running_procs' (14:12:42) Checking running processes for suspicious files ( Skipped ) (14:12:42) Info: Unable to find the 'lsof' command (14:12:43) (14:12:43) Info: Test 'hidden_procs' disabled at users request. (14:12:43) (14:12:43) Info: Test 'suspscan' disabled at users request. (14:12:43) (14:12:43) Performing check for login backdoors (14:12:43) Info: Starting test name 'other_malware' (14:12:43) Checking for '/bin/.login' ( Not found ) (14:12:43) Checking for '/sbin/.login' ( Not found ) (14:12:43) Checking for login backdoors ( None found ) (14:12:43) (14:12:43) Performing check for suspicious directories (14:12:43) Checking for directory '/usr/X11R6/bin/.,/copy' ( Not found ) (14:12:43) Checking for directory '/dev/rd/cdb' ( Not found ) (14:12:43) Checking for suspicious directories ( None found ) (14:12:43) (14:12:43) Checking for software intrusions ( Skipped ) (14:12:43) Info: Check skipped - tripwire not installed (14:12:43) (14:12:43) Performing check for sniffer log files (14:12:43) Checking for file '/usr/lib/libice.log' ( Not found ) (14:12:43) Checking for sniffer log files ( None found ) (14:12:43) (14:12:43) Performing trojan specific checks (14:12:43) Info: Starting test name 'trojans' (14:12:43) Info: Using inetd configuration file '/etc/inetd.conf' (14:12:43) Checking for enabled inetd services ( OK ) (14:12:43) (14:12:43) Performing check for enabled xinetd services (14:12:43) Checking for enabled xinetd services ( Skipped ) (14:12:43) Info: Check skipped - file '/etc/xinetd.conf' does not exist. (14:12:43) Checking for Apache backdoor ( Not found ) (14:12:43) (14:12:43) Performing Linux specific checks (14:12:43) Info: Starting test name 'os_specific' (14:12:44) Checking loaded kernel modules ( Warning ) (14:12:44) Warning: No output found from the lsmod command or the /proc/modules file: (14:12:44) /proc/modules output: (14:12:44) lsmod output: (14:12:44) Info: Using modules pathname of '/lib/modules' (14:12:44) Checking kernel module names ( Skipped ) (14:12:44) Warning: The kernel modules directory '/lib/modules' is missing or empty. (14:14:50) (14:14:50) Checking the network... (14:14:50) Info: Starting test name 'network' (14:14:50) Info: Starting test name 'ports' (14:14:50) (14:14:50) Performing check for backdoor ports (14:14:50) Info: Disabling pathnames and '*' in PORT_WHITELIST setting: no 'lsof' command present. (14:14:51) Checking for TCP port 1524 ( Not found ) (14:14:52) Checking for TCP port 1984 ( Not found ) (14:14:53) Checking for UDP port 2001 ( Not found ) (14:14:54) Checking for TCP port 2006 ( Not found ) (14:14:55) Checking for TCP port 2128 ( Not found ) (14:14:55) Checking for TCP port 6666 ( Not found ) (14:14:56) Checking for TCP port 6667 ( Not found ) (14:14:57) Checking for TCP port 6668 ( Not found ) (14:14:58) Checking for TCP port 6669 ( Not found ) (14:14:59) Checking for TCP port 7000 ( Not found ) (14:15:00) Checking for TCP port 13000 ( Not found ) (14:15:00) Checking for TCP port 14856 ( Not found ) (14:15:01) Checking for TCP port 25000 ( Not found ) (14:15:02) Checking for TCP port 29812 ( Not found ) (14:15:03) Checking for TCP port 31337 ( Not found ) (14:15:04) Checking for TCP port 33369 ( Not found ) (14:15:05) Checking for TCP port 47107 ( Not found ) (14:15:06) Checking for TCP port 47018 ( Not found ) (14:15:07) Checking for TCP port 60922 ( Not found ) (14:15:08) Checking for TCP port 62883 ( Not found ) (14:15:09) Checking for TCP port 65535 ( Not found ) (14:15:09) (14:15:09) Performing checks on the network interfaces (14:15:09) Info: Starting test name 'promisc' (14:15:09) Info: Promiscuous network interface check using 'ip' command skipped - unable to find the 'ip' command. (14:15:09) Checking for promiscuous interfaces ( None found ) (14:15:09) (14:15:09) Info: Test 'packet_cap_apps' disabled at users request. (14:15:18) (14:15:18) Checking the local host... (14:15:18) Info: Starting test name 'local_host' (14:15:18) (14:15:18) Performing system boot checks (14:15:18) Info: Starting test name 'startup_files' (14:15:18) Checking for local host name ( Found ) (14:15:18) Info: Starting test name 'startup_malware' (14:15:18) Checking for system startup files ( Found ) (14:15:19) Checking system startup files for malware ( None found ) (14:15:19) (14:15:19) Performing group and account checks (14:15:19) Info: Starting test name 'group_accounts' (14:15:19) Checking for passwd file ( Found ) (14:15:19) Info: Found password file: /etc/passwd (14:15:19) Checking for root equivalent (UID 0) accounts ( Warning ) (14:15:19) Warning: Account 'borja' is root equivalent (UID = 0) (14:15:19) Info: Found shadow file: /etc/shadow (14:15:19) Checking for passwordless accounts ( None found ) (14:15:20) Info: Starting test name 'passwd_changes' (14:15:20) Checking for passwd file changes ( None found ) (14:15:20) Info: Starting test name 'group_changes' (14:15:20) Checking for group file changes ( None found ) (14:15:20) Checking root account shell history files ( OK ) (14:15:20) (14:15:20) Performing system configuration file checks (14:15:20) Info: Starting test name 'system_configs' (14:15:20) Checking for SSH configuration file ( Found ) (14:15:20) Info: Found SSH configuration file: /etc/ssh/sshd_config (14:15:20) Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'. (14:15:20) Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'. (14:15:20) Checking if SSH root access is allowed ( Warning ) (14:15:20) Warning: The SSH and rkhunter configuration options should be the same: (14:15:20) SSH configuration option 'PermitRootLogin': yes (14:15:20) Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no (14:15:20) Checking if SSH protocol v1 is allowed ( Not allowed ) (14:15:20) Checking for running syslog daemon ( Found ) (14:15:20) Checking for syslog configuration file ( Found ) (14:15:20) Info: Found syslog configuration file: /etc/syslog.conf (14:15:20) Checking if syslog remote logging is allowed ( Not allowed ) (14:15:20) (14:15:20) Performing filesystem checks (14:15:20) Info: Starting test name 'filesystem' (14:15:20) Info: SCAN_MODE_DEV set to 'THOROUGH' (14:15:21) Checking /dev for suspicious file types ( Warning ) (14:15:21) Warning: Suspicious file types found in /dev: (14:15:21) /dev/shm/network/ifstate: ASCII text (14:15:21) Checking for hidden files and directories ( None found ) (14:15:33) (14:15:33) Checking application versions... (14:15:33) Info: Starting test name 'apps' (14:15:34) Info: Application 'exim' not found. (14:15:34) Checking version of GnuPG ( OK ) (14:15:34) Info: Application 'gpg' version '1.4.6' found. (14:15:34) Checking version of Apache ( Warning ) (14:15:34) Warning: Application 'httpd', version '2.2.3', is out of date, and possibly a security risk. (14:15:34) Checking version of Bind DNS ( Warning ) (14:15:34) Warning: Application 'named', version '9.3.4', is out of date, and possibly a security risk. (14:15:34) Checking version of OpenSSL ( Warning ) (14:15:34) Warning: Application 'openssl', version '0.9.8c', is out of date, and possibly a security risk. (14:15:34) Checking version of PHP ( Warning ) (14:15:34) Warning: Application 'php', version '5.2.0', is out of date, and possibly a security risk. (14:15:34) Checking version of Procmail MTA ( OK ) (14:15:35) Info: Application 'procmail' version '3.22' found. (14:15:35) Checking version of ProFTPd ( OK ) (14:15:35) Info: Application 'proftpd' version '1.3.0' found. (14:15:35) Checking version of OpenSSH ( Warning ) (14:15:35) Warning: Application 'sshd', version '4.3p2', is out of date, and possibly a security risk. (14:15:35) Info: Applications checked: 8 out of 9 (14:15:35) (14:15:35) System checks summary (14:15:35) ===================== (14:15:35) (14:15:35) File properties checks... (14:15:35) Files checked: 119 (14:15:35) Suspect files: 119 (14:15:35) (14:15:35) Rootkit checks... (14:15:35) Rootkits checked : 114 (14:15:35) Possible rootkits: 0 (14:15:35) (14:15:35) Applications checks... (14:15:35) Applications checked: 8 (14:15:35) Suspect applications: 5 (14:15:35) (14:15:35) The system checks took: 10 minutes and 22 seconds (14:15:35) (14:15:35) Info: End date is mié mar 31 14:15:35 CEST 2010
The changed files in part 1 of your log don't look good. Can you update rkhunter... Code: rkhunter -u and run rkhunter again? Do you get the same results then?
Hi, Falko i execute after "rkhunter --update" and i obtain the same result. My distribution is a debian etch in a container of openvz (with proxmox). Can are this a issue? PD: the distribution of the fisical server with proxmox is a debian lenny.
Looks normal. You have run the original rkhunter check on a different host then migrated the virtual machine then ran the check on the new system again... and this is the result. Different hardware, different inodes. It's a good policy to do 'rkhunter --propupd' before and after the migration.
