RK Hunter Log Samples

Samples generated with firmware version: -
Date entry created: 2004-03-29

 


[13:35:14] Application scan started
[13:35:14] Info: WGET found
[13:35:14] [13:35:14] Info: NMAP found
[13:35:14] Application scan ended
[13:35:14] Info: Found /etc/redhat-release
[13:35:14] [13:35:14] Warning: this operating system is not fully supported!
[13:35:14] Info: Using to verify MD5 hashes
[13:35:14] Info: found
[13:35:14] Info: /usr/local/rkhunter/tmp is present
[13:35:14] Info: UID is zero (root)
[13:35:14] [13:35:14] Info: Perl version 5.8.1 found
[13:35:14] [13:35:14] Info: Digest::MD5 installed (version 2.30).
[13:35:14] Using Perl Digest::MD5 module instead of /usr/bin/md5sum
------------------------------ Selftests ------------------------------
[13:35:15] [13:35:15] *** Start scan 55808 Trojan - Variant A ***
[13:35:15] Scanning for file /tmp/.../r... OK. Not found.
[13:35:15] Scanning for file /tmp/.../a... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Apache Worm ***
[13:35:15] Scanning for file /bin/.log... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Ambient (ark) Rootkit ***
[13:35:15] Scanning for file /usr/lib/.ark?... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/ptyxx... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan BeastKit ***
[13:35:15] Scanning for file /usr/sbin/arobia... OK. Not found.
[13:35:15] Scanning for file /usr/sbin/idrun... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/hk... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/hk.pub... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/sc... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/sd.pp... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/sdco... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/srsd... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /lib/ldd.so/bktools... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan BOBKit ***
[13:35:15] Scanning for file /usr/sbin/ntpsx... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../ls... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../netstat... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../lsof... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../bkit-ssh/bkit-shdcfg... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../bkit-ssh/bkit-shhk... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../bkit-ssh/bkit-pw... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../bkit-ssh/bkit-shrs... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../uconf.inv... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../psr... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../find... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../pstree... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../slocate... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../du... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../top... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/...... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/.../bkit-ssh... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/.bkit-... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /tmp/.bkp... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan CiNIK Worm (Slapper.B variant) ***
[13:35:15] Scanning for file /tmp/.cinik... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Devil RootKit ***
[13:35:15] Scanning for file /var/lib/games/.src... OK. Not found.
[13:35:15] Scanning for file /dev/dsx... OK. Not found.
[13:35:15] Scanning for file /dev/caca... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Dica ***
[13:35:15] Scanning for file /lib/.sso... OK. Not found.
[13:35:15] Scanning for file /lib/.so... OK. Not found.
[13:35:15] [13:35:15] *** Start scan FreeBSD Rootkit ***
[13:35:15] Scanning for file /usr/lib/.fx/sched_host.2... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.fx/random_d.2... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.fx/set_pid.2... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.fx/cons.saver... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.fx/adore/adore/adore.ko... OK. Not found.
[13:35:15] Scanning for file /bin/sysback... OK. Not found.
[13:35:15] Scanning for file /usr/local/bin/sysback... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/.fx... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/.fx/adore... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan Fuck`it Rootkit ***
[13:35:15] Scanning for file /dev/proc/fuckit/hax0r... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/hax0rshell... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/lports... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/rports... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/rkconf... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/password... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/progs... OK. Not found.
[13:35:15] Scanning for file /dev/proc/system-bins/init... OK. Not found.
[13:35:15] [13:35:15] *** Start scan GasKit ***
[13:35:15] Scanning for file /dev/dev/gaskit/sshd/sshdd... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/dev... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/dev/gaskit... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/dev/gaskit/sshd... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan ImperalsS-FBRK ***
[13:35:15] [13:35:15] Scanning for directory /dev/fd/.88... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/fd/.99... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan Li0n Worm ***
[13:35:15] Scanning for file /bin/in.telnetd... OK. Not found.
[13:35:15] Scanning for file /bin/mjy... OK. Not found.
[13:35:15] Scanning for file /usr/man/man1/man1/lib/.lib/mjy... OK. Not found.
[13:35:15] Scanning for file /usr/man/man1/man1/lib/.lib/in.telnetd... OK. Not found.
[13:35:15] Scanning for file /usr/man/man1/man1/lib/.lib/.x... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/1i0n.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/hack.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/bind... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/randb... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/scan.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/pscan... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/star.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/bindx.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/bindname.log... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/1i0n.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/netstat... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/dev/.1addr... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/dev/.1logz... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/dev/.1proc... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/dev/.1file... OK. Not found.
[13:35:15] [13:35:15] *** Start scan MRK ***
[13:35:15] Scanning for file /dev/ida/.inet/pid... OK. Not found.
[13:35:15] Scanning for file /dev/ida/.inet/ssh_host_key... OK. Not found.
[13:35:15] Scanning for file /dev/ida/.inet/ssh_random_seed... OK. Not found.
[13:35:15] Scanning for file /dev/ida/.inet/tcp.log... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/ida/.inet... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /var/spool/cron/.sh... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan RootKit for SunOS / NSDAP ***
[13:35:15] Scanning for file /usr/lib/vold/nsdap... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Optic Kit (Tux) ***
[13:35:15] [13:35:15] Scanning for directory /dev/tux... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/bin/xchk... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/bin/xsf... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/bin/ssh2d... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan Oz Rootkit ***
[13:35:15] Scanning for file /dev/.oz/.nap/rkit/terror... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Portacelo ***
[13:35:15] Scanning for file /var/lib/.../.ak... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../.hk... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../.rs... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../.p... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../getty... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../lkt.o... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../show... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../nlkt.o... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../ssshrc... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../sssh_equiv... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../sssh_known_hosts... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../sssh_pid... OK. Not found.
[13:35:15] Scanning for file ~/.sssh/known_hosts... OK. Not found.
Debug: Sebek LKM
[13:35:15] [13:35:15] *** Start scan Scalper Worm ***
[13:35:15] Scanning for file /tmp/.a... OK. Not found.
[13:35:15] Scanning for file /tmp/.uua... OK. Not found.
[13:35:15] [13:35:15] *** Start scan SHV4 ***
[13:35:15] Scanning for file /etc/ld.so.hash... OK. Not found.
[13:35:15] Scanning for file /lib/libext-2.so.7... OK. Not found.
[13:35:15] Scanning for file /lib/lidps1.so... OK. Not found.
[13:35:15] Scanning for file /usr/sbin/xntps... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /lib/security/.config... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /lib/security/.config/ssh... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan Slapper ***
[13:35:15] Scanning for file /tmp/.bugtraq... OK. Not found.
[13:35:15] Scanning for file /tmp/.uubugtraq... OK. Not found.
[13:35:15] Scanning for file /tmp/.bugtraq.c... OK. Not found.
[13:35:15] Scanning for file /tmp/httpd... OK. Not found.
[13:35:15] Scanning for file /tmp/.unlock... OK. Not found.
[13:35:15] Scanning for file /tmp/update... OK. Not found.
[13:35:15] Scanning for file /tmp/.cinik... OK. Not found.
[13:35:15] Scanning for file /tmp/.b... OK. Not found.
[13:35:15] [13:35:15] *** Start scan SunOS Rootkit ***
[13:35:15] Scanning for file /etc/ld.so.hash... OK. Not found.
[13:35:15] Scanning for file /lib/libext-2.so.7... OK. Not found.
[13:35:15] Scanning for file /usr/bin/ssh2d... OK. Not found.
[13:35:15] Scanning for file /bin/xlogin... OK. Not found.
[13:35:15] Scanning for file /usr/lib/crth.o... OK. Not found.
[13:35:15] Scanning for file /usr/lib/crtz.o... OK. Not found.
[13:35:15] Scanning for file /sbin/login... OK. Not found.
[13:35:15] Scanning for file /lib/security/.config/sn... OK. Not found.
[13:35:15] Scanning for file /lib/security/.config/lpsched... OK. Not found.
[13:35:15] Scanning for file /dev/kmod... OK. Not found.
[13:35:15] Scanning for file /dev/dos... OK. Not found.
[13:35:15] [13:35:15] *** Start scan TBD (Telnet BackDoor) ***
[13:35:15] Scanning for file /usr/lib/.tbd... OK. Not found.
[13:35:15] [13:35:15] *** Start scan X-Org SunOS Rootkit ***
[13:35:15] Scanning for file /usr/lib/libX.a/bin/tmpfl... OK. Not found.
[13:35:15] Scanning for file /usr/lib/libX.a/bin/rps... OK. Not found.
[13:35:15] Scanning for file /usr/bin/srload... OK. Not found.
[13:35:15] Scanning for file /usr/lib/libX.a/bin/sparcv7/rps... OK. Not found.
[13:35:15] Scanning for file /usr/sbin/modcheck... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/libX.a... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/libX.a/bin... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/libX.a/bin/sparcv7... [13:35:15] OK. Not found.
/dev/ttyp clean
/dev/ttypr clean
/dev/ttypp clean
/dev/ttypq clean
/dev/ptyxx/.list clean
/dev/ptyxx/.proc clean
/tmp/.X11-unix/.../rk .[32C[ .[1;32mNot found.[0;39m ]
/usr/X11R6/bin/.,/copy/ .[32C[ .[1;32mNot found.[0;39m ]
/dev/rd .[32C[ .[1;32mNot found.[0;39m ]
[13:35:21] Checking /usr/bin/netstat... Not found
[13:35:21] Checking /bin/ps... [ OK ]
[13:35:21] Checking /bin/ls... [ OK ]
[13:35:21] Checking /usr/bin/w... [ OK ]
[13:35:21] Checking /usr/bin/who... [ OK ]
[13:35:21] Checking /bin/netstat... [ OK ]
[13:35:21] Checking /usr/bin/netstat... Not found
[13:35:21] Checking /bin/login... [ OK ]
[13:35:36] Start scanning for hidden files in /dev...
[13:35:36] Value of hiddendirs: 
[13:35:36] End of scanning /dev
[13:35:36] Start scanning for hidden files in /bin...
[13:35:36] Value of hiddendirs: 
[13:35:36] End of scanning /bin
[13:35:36] Start scanning for hidden files in /usr...
[13:35:36] Value of hiddendirs: 
[13:35:36] End of scanning /usr
[13:35:36] Start scanning for hidden files in /usr/man...
[13:35:36] End of scanning /usr/man
[13:35:36] Start scanning for hidden files in /usr/man/man1...
[13:35:36] End of scanning /usr/man/man1



Syslog messages generated by these products can be received by MonitorWare Agent and WinSyslog.

All information in this section is to the best of our knowledge but without warranty of any kind. This is free information - use it at your sole risk.

Copyright © 1988-2005 Adiscon GmbH All rights reserved.