Rkhunter Suspicious Files

1. Rkhunter Suspicious Files

felipe
Twixt

(uses Ubuntu)

Posted on 13/09/2013 - 13:29h

Good afternoon, everyone. I was recently scanning with rkhunter and the following data was shown:

File properties checks...
Files checked: 133
Suspect files: 3

Rootkit checks...
Rootkits checked : 242
Possible rootkits: 0

Applications checks...
All checks skipped

The system checks took: 5 minutes and 32 seconds

All results have been written to the log file (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)

Using the command rkhunter -c --rwo, the following files were detected:

Warning: The command '/usr/bin/unhide.rb' has been replaced by a script: /usr/bin/unhide.rb: Ruby script, ASCII text
Warning: The file properties have changed:
File: /sbin/ifdown
Current hash: acd0b1e35f7c88663b5ae8f87bedbd2107c94c6a
Stored hash : 45d33275bee6dbc868870e269e2a89354629fdc0
Current inode: 8789835 Stored inode: 8781883
Current size: 51608 Stored size: 51544
Current file modification time: 1378942193 (11-Set-2013 20:29:53)
Stored file modification time : 1333588938 (04-Abr-2012 22:22:18)
Warning: The file properties have changed:
File: /sbin/ifup
Current hash: acd0b1e35f7c88663b5ae8f87bedbd2107c94c6a
Stored hash : 45d33275bee6dbc868870e269e2a89354629fdc0
Current inode: 8789835 Stored inode: 8781885
Current size: 51608 Stored size: 51544
Current file modification time: 1378942193 (11-Set-2013 20:29:53)
Stored file modification time : 1333588938 (04-Abr-2012 22:22:18)
Warning: Hidden directory found: /dev/.udev
Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'

I would like to know whether any of these files is dangerous, whether deleting one could damage the system, or whether it is a false alarm. In the case of the replaced files, is there a way to revert to the original file?
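
An added example, not part of the original post: a small Python parser for the `rkhunter -c --rwo` file-property warnings quoted above, which groups paths that share the same current inode and hash and reports the size change per file. The function names are hypothetical and the input is a constructed excerpt of the poster's output.

```python
import re
from collections import defaultdict

# Constructed sample input: the two "file properties have changed" warnings
# quoted in the post above, followed by one unrelated warning.
SAMPLE = """\
Warning: The file properties have changed:
File: /sbin/ifdown
Current hash: acd0b1e35f7c88663b5ae8f87bedbd2107c94c6a
Stored hash : 45d33275bee6dbc868870e269e2a89354629fdc0
Current inode: 8789835 Stored inode: 8781883
Current size: 51608 Stored size: 51544
Warning: The file properties have changed:
File: /sbin/ifup
Current hash: acd0b1e35f7c88663b5ae8f87bedbd2107c94c6a
Stored hash : 45d33275bee6dbc868870e269e2a89354629fdc0
Current inode: 8789835 Stored inode: 8781885
Current size: 51608 Stored size: 51544
Warning: Hidden directory found: /dev/.udev
"""

FIELD = re.compile(r"(Current|Stored) (hash|inode|size)\s*:\s*(\S+)")

def parse_changed_files(text):
    """Map each reported path to its current/stored hash, inode and size."""
    records, block = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Warning:"):
            block = None                      # any new warning closes the block
        elif line.startswith("File: "):
            block = records.setdefault(line[6:], {})
        elif block is not None:
            for which, name, value in FIELD.findall(line):
                block[f"{which.lower()}_{name}"] = value
    return records

def same_file_groups(records):
    """Paths on one filesystem with the same current inode and hash are one file."""
    groups = defaultdict(list)
    for path, rec in records.items():
        groups[(rec.get("current_inode"), rec.get("current_hash"))].append(path)
    return {key: sorted(paths) for key, paths in groups.items() if len(paths) > 1}

def size_deltas(records):
    """Bytes gained or lost by each file since the stored baseline."""
    return {p: int(r["current_size"]) - int(r["stored_size"]) for p, r in records.items()}

if __name__ == "__main__":
    recs = parse_changed_files(SAMPLE)
    print(same_file_groups(recs))
    print(size_deltas(recs))
```

On this input both paths fall into one group, so the two warnings describe a single changed file rather than two independent modifications.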



  





