RK Hunter Log Samples

Samples generated with firmware version: -
Date entry created: 2004-03-29

 


[13:35:14] Application scan started
[13:35:14] Info: WGET found
[13:35:14] [13:35:14] Info: NMAP found
[13:35:14] Application scan ended
[13:35:14] Info: Found /etc/redhat-release
[13:35:14] [13:35:14] Warning: this operating system is not fully supported!
[13:35:14] Info: Using to verify MD5 hashes
[13:35:14] Info: found
[13:35:14] Info: /usr/local/rkhunter/tmp is present
[13:35:14] Info: UID is zero (root)
[13:35:14] [13:35:14] Info: Perl version 5.8.1 found
[13:35:14] [13:35:14] Info: Digest::MD5 installed (version 2.30).
[13:35:14] Using Perl Digest::MD5 module instead of /usr/bin/md5sum
------------------------------ Selftests ------------------------------
[13:35:15] [13:35:15] *** Start scan 55808 Trojan - Variant A ***
[13:35:15] Scanning for file /tmp/.../r... OK. Not found.
[13:35:15] Scanning for file /tmp/.../a... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Apache Worm ***
[13:35:15] Scanning for file /bin/.log... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Ambient (ark) Rootkit ***
[13:35:15] Scanning for file /usr/lib/.ark?... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/ptyxx... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan BeastKit ***
[13:35:15] Scanning for file /usr/sbin/arobia... OK. Not found.
[13:35:15] Scanning for file /usr/sbin/idrun... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/hk... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/hk.pub... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/sc... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/sd.pp... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/sdco... OK. Not found.
[13:35:15] Scanning for file /usr/lib/elm/arobia/elm/srsd... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /lib/ldd.so/bktools... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan BOBKit ***
[13:35:15] Scanning for file /usr/sbin/ntpsx... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../ls... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../netstat... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../lsof... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../bkit-ssh/bkit-shdcfg... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../bkit-ssh/bkit-shhk... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../bkit-ssh/bkit-pw... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../bkit-ssh/bkit-shrs... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../uconf.inv... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../psr... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../find... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../pstree... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../slocate... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../du... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.../top... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/...... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/.../bkit-ssh... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/.bkit-... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /tmp/.bkp... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan CiNIK Worm (Slapper.B variant) ***
[13:35:15] Scanning for file /tmp/.cinik... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Devil RootKit ***
[13:35:15] Scanning for file /var/lib/games/.src... OK. Not found.
[13:35:15] Scanning for file /dev/dsx... OK. Not found.
[13:35:15] Scanning for file /dev/caca... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Dica ***
[13:35:15] Scanning for file /lib/.sso... OK. Not found.
[13:35:15] Scanning for file /lib/.so... OK. Not found.
[13:35:15] [13:35:15] *** Start scan FreeBSD Rootkit ***
[13:35:15] Scanning for file /usr/lib/.fx/sched_host.2... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.fx/random_d.2... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.fx/set_pid.2... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.fx/cons.saver... OK. Not found.
[13:35:15] Scanning for file /usr/lib/.fx/adore/adore/adore.ko... OK. Not found.
[13:35:15] Scanning for file /bin/sysback... OK. Not found.
[13:35:15] Scanning for file /usr/local/bin/sysback... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/.fx... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/.fx/adore... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan Fuck`it Rootkit ***
[13:35:15] Scanning for file /dev/proc/fuckit/hax0r... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/hax0rshell... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/lports... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/rports... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/rkconf... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/password... OK. Not found.
[13:35:15] Scanning for file /dev/proc/fuckit/config/progs... OK. Not found.
[13:35:15] Scanning for file /dev/proc/system-bins/init... OK. Not found.
[13:35:15] [13:35:15] *** Start scan GasKit ***
[13:35:15] Scanning for file /dev/dev/gaskit/sshd/sshdd... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/dev... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/dev/gaskit... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/dev/gaskit/sshd... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan ImperalsS-FBRK ***
[13:35:15] [13:35:15] Scanning for directory /dev/fd/.88... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/fd/.99... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan Li0n Worm ***
[13:35:15] Scanning for file /bin/in.telnetd... OK. Not found.
[13:35:15] Scanning for file /bin/mjy... OK. Not found.
[13:35:15] Scanning for file /usr/man/man1/man1/lib/.lib/mjy... OK. Not found.
[13:35:15] Scanning for file /usr/man/man1/man1/lib/.lib/in.telnetd... OK. Not found.
[13:35:15] Scanning for file /usr/man/man1/man1/lib/.lib/.x... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/1i0n.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/hack.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/bind... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/randb... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/scan.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/pscan... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/star.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/bindx.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/scan/bindname.log... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/1i0n.sh... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/netstat... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/dev/.1addr... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/dev/.1logz... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/dev/.1proc... OK. Not found.
[13:35:15] Scanning for file /dev/.lib/lib/lib/dev/.1file... OK. Not found.
[13:35:15] [13:35:15] *** Start scan MRK ***
[13:35:15] Scanning for file /dev/ida/.inet/pid... OK. Not found.
[13:35:15] Scanning for file /dev/ida/.inet/ssh_host_key... OK. Not found.
[13:35:15] Scanning for file /dev/ida/.inet/ssh_random_seed... OK. Not found.
[13:35:15] Scanning for file /dev/ida/.inet/tcp.log... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /dev/ida/.inet... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /var/spool/cron/.sh... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan RootKit for SunOS / NSDAP ***
[13:35:15] Scanning for file /usr/lib/vold/nsdap... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Optic Kit (Tux) ***
[13:35:15] [13:35:15] Scanning for directory /dev/tux... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/bin/xchk... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/bin/xsf... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/bin/ssh2d... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan Oz Rootkit ***
[13:35:15] Scanning for file /dev/.oz/.nap/rkit/terror... OK. Not found.
[13:35:15] [13:35:15] *** Start scan Portacelo ***
[13:35:15] Scanning for file /var/lib/.../.ak... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../.hk... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../.rs... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../.p... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../getty... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../lkt.o... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../show... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../nlkt.o... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../ssshrc... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../sssh_equiv... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../sssh_known_hosts... OK. Not found.
[13:35:15] Scanning for file /var/lib/.../sssh_pid... OK. Not found.
[13:35:15] Scanning for file ~/.sssh/known_hosts... OK. Not found.
Debug: Sebek LKM
[13:35:15] [13:35:15] *** Start scan Scalper Worm ***
[13:35:15] Scanning for file /tmp/.a... OK. Not found.
[13:35:15] Scanning for file /tmp/.uua... OK. Not found.
[13:35:15] [13:35:15] *** Start scan SHV4 ***
[13:35:15] Scanning for file /etc/ld.so.hash... OK. Not found.
[13:35:15] Scanning for file /lib/libext-2.so.7... OK. Not found.
[13:35:15] Scanning for file /lib/lidps1.so... OK. Not found.
[13:35:15] Scanning for file /usr/sbin/xntps... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /lib/security/.config... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /lib/security/.config/ssh... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] *** Start scan Slapper ***
[13:35:15] Scanning for file /tmp/.bugtraq... OK. Not found.
[13:35:15] Scanning for file /tmp/.uubugtraq... OK. Not found.
[13:35:15] Scanning for file /tmp/.bugtraq.c... OK. Not found.
[13:35:15] Scanning for file /tmp/httpd... OK. Not found.
[13:35:15] Scanning for file /tmp/.unlock... OK. Not found.
[13:35:15] Scanning for file /tmp/update... OK. Not found.
[13:35:15] Scanning for file /tmp/.cinik... OK. Not found.
[13:35:15] Scanning for file /tmp/.b... OK. Not found.
[13:35:15] [13:35:15] *** Start scan SunOS Rootkit ***
[13:35:15] Scanning for file /etc/ld.so.hash... OK. Not found.
[13:35:15] Scanning for file /lib/libext-2.so.7... OK. Not found.
[13:35:15] Scanning for file /usr/bin/ssh2d... OK. Not found.
[13:35:15] Scanning for file /bin/xlogin... OK. Not found.
[13:35:15] Scanning for file /usr/lib/crth.o... OK. Not found.
[13:35:15] Scanning for file /usr/lib/crtz.o... OK. Not found.
[13:35:15] Scanning for file /sbin/login... OK. Not found.
[13:35:15] Scanning for file /lib/security/.config/sn... OK. Not found.
[13:35:15] Scanning for file /lib/security/.config/lpsched... OK. Not found.
[13:35:15] Scanning for file /dev/kmod... OK. Not found.
[13:35:15] Scanning for file /dev/dos... OK. Not found.
[13:35:15] [13:35:15] *** Start scan TBD (Telnet BackDoor) ***
[13:35:15] Scanning for file /usr/lib/.tbd... OK. Not found.
[13:35:15] [13:35:15] *** Start scan X-Org SunOS Rootkit ***
[13:35:15] Scanning for file /usr/lib/libX.a/bin/tmpfl... OK. Not found.
[13:35:15] Scanning for file /usr/lib/libX.a/bin/rps... OK. Not found.
[13:35:15] Scanning for file /usr/bin/srload... OK. Not found.
[13:35:15] Scanning for file /usr/lib/libX.a/bin/sparcv7/rps... OK. Not found.
[13:35:15] Scanning for file /usr/sbin/modcheck... OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/libX.a... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/libX.a/bin... [13:35:15] OK. Not found.
[13:35:15] [13:35:15] Scanning for directory /usr/lib/libX.a/bin/sparcv7... [13:35:15] OK. Not found.
/dev/ttyp clean
/dev/ttypr clean
/dev/ttypp clean
/dev/ttypq clean
/dev/ptyxx/.list clean
/dev/ptyxx/.proc clean
/tmp/.X11-unix/.../rk [ Not found. ]
/usr/X11R6/bin/.,/copy/ [ Not found. ]
/dev/rd [ Not found. ]
[13:35:21] Checking /usr/bin/netstat... Not found
[13:35:21] Checking /bin/ps... [ OK ]
[13:35:21] Checking /bin/ls... [ OK ]
[13:35:21] Checking /usr/bin/w... [ OK ]
[13:35:21] Checking /usr/bin/who... [ OK ]
[13:35:21] Checking /bin/netstat... [ OK ]
[13:35:21] Checking /usr/bin/netstat... Not found
[13:35:21] Checking /bin/login... [ OK ]
[13:35:36] Start scanning for hidden files in /dev...
[13:35:36] Value of hiddendirs: 
[13:35:36] End of scanning /dev
[13:35:36] Start scanning for hidden files in /bin...
[13:35:36] Value of hiddendirs: 
[13:35:36] End of scanning /bin
[13:35:36] Start scanning for hidden files in /usr...
[13:35:36] Value of hiddendirs: 
[13:35:36] End of scanning /usr
[13:35:36] Start scanning for hidden files in /usr/man...
[13:35:36] End of scanning /usr/man
[13:35:36] Start scanning for hidden files in /usr/man/man1...
[13:35:36] End of scanning /usr/man/man1



Syslog messages generated by these products can be received by MonitorWare Agent and WinSyslog.

All information in this section is to the best of our knowledge but without warranty of any kind. This is free information - use it at your sole risk.
