[CentOS-es] chkrootkit chkutmp
Sergio Villalba Moreno
svillalba en cherrytel.com
Jue Dic 11 10:09:02 UTC 2008
Hola a tod en s,
Estoy utilizando las herramientas chkrootkit y rkhunter bajo CentOS 5.0 con
esta versión de kernel:
2.6.18-8.1.8.el5 #1 SMP Tue Jul 10 06:39:17 EDT 2007 x86_64 x86_64 x86_64
GNU/Linux
¿me han infectado el servidor?
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for Fu rootkit default files... nothing found
Searching for ESRK rootkit default files... nothing found
Searching for rootedoor... nothing found
Searching for ENYELKM rootkit default files... nothing found
Searching for common ssh-scanners default files... nothing found
Searching for suspect PHP files... nothing found
Searching for anomalies in shell history files... nothing found
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... chkproc: nothing detected
chkdirs: nothing detected
Checking `rexedcs'... not found
Checking `sniffer'... eth0: not promisc and no PF_PACKET sockets
Checking `w55808'... not infected
Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... chklastlog: nothing deleted
Checking `chkutmp'... The tty of the following user process(es) were not
found
in /var/run/utmp !
! RUID PID TTY CMD
! root 5044 tty4 /sbin/mingetty tty4
chkutmp: nothing deleted
Gracias por todo.
Saludos.
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: http://lists.centos.org/pipermail/centos-es/attachments/20081211/a82b8006/attachment.html
Más información sobre la lista de distribución CentOS-es