11-11-2017, 04:35 PM
(This post was last modified: 11-11-2017, 04:38 PM by newtusmaximus.)
Highlights from my rkhunter log scan of just now:
[15:50:21] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
[15:50:28] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
[15:50:34] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: a /usr/bin/perl -w script, ASCII text executable
[15:50:40] Info: Found file '/bin/egrep': it is whitelisted for the 'script replacement' check.
[15:50:40] /bin/fgrep [ OK ]
[15:50:41] Info: Found file '/bin/fgrep': it is whitelisted for the 'script replacement' check.
[15:50:44] Info: Found file '/bin/which': it is whitelisted for the 'script replacement' check.
[15:51:55] Info: Found the 'unhide-tcp' command: /usr/sbin/unhide-tcp
[15:51:58] Info: SCAN_MODE_DEV set to 'THOROUGH'
[15:52:01] Checking /dev for suspicious file types [ Warning ]
[15:52:01] Warning: Suspicious file types found in /dev:
[15:52:01] /dev/shm/pulse-shm-331478974: data
[15:52:01] /dev/shm/pulse-shm-3524711130: data
[15:52:01] /dev/shm/pulse-shm-1543249499: data
[15:52:01] /dev/shm/pulse-shm-1019003171: data
[15:52:01] /dev/shm/pulse-shm-3173629532: data
[15:52:01] /dev/shm/pulse-shm-3776217293: data
[15:52:01] /dev/shm/pulse-shm-1763800836: data
[15:52:01] Checking for hidden files and directories [ Warning ]
[15:52:01] Warning: Hidden directory found: /etc/.java
[15:52:07] System checks summary
[15:52:07] =====================
[15:52:07]
[15:52:07] File properties checks...
[15:52:07] Files checked: 150
[15:52:07] Suspect files: 1
[15:52:07]
[15:52:07] Rootkit checks...
[15:52:07] Rootkits checked : 365
[15:52:07] Possible rootkits: 0
[15:52:07]
[15:52:07] Applications checks...
[15:52:07] All checks skipped
[15:52:07]
[15:52:07] The system checks took: 1 minute and 56 seconds
[15:52:07]
[15:52:07] Info: End date is Sat Nov 11 15:52:07 GMT 2017
No idea what the significance of the above is. Help please, in layperson's terms.
2006 - HP DC7700p ultraslim Desktop Intel 6300 cpu 4GB Ram LL3.8 64bit.
2007 - Fujitsu Siemens V3405 Laptop 2 GB Ram LL3.6 32bit. Now 32bit Debian 9 + nonfree.
2006 - Fujitsu Siemens Si1520 Laptop Intel T720 cpu 3GB Ram LL5.6 64 Bit
2014 - Fujitsu Siemens Lifebook E754 Intel i7 4712MQ 16GB Ram LL6.6
2003 - RETIRED Toshiba Satellite Pro A10 1 GB RAM LL2.8 32bit