systems:media_server:secure_the_server:install_rkhunter
Differences
This shows you the differences between two versions of the page.
systems:media_server:secure_the_server:install_rkhunter [2025/05/30 22:56] – peter | systems:media_server:secure_the_server:install_rkhunter [2025/05/31 07:46] (current) – peter | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Systems - Media Server - Secure the Server - Install rkhunter ====== | ====== Systems - Media Server - Secure the Server - Install rkhunter ====== | ||
- | rkhunter is a rootkit detection tool. | + | **rkhunter** is a rootkit detection tool. |
---- | ---- | ||
Line 134: | Line 134: | ||
/ | / | ||
/ | / | ||
- | / | + | ... |
- | / | + | ... |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | / | + | |
- | + | ||
- | Checking for rootkits... | + | |
- | + | ||
- | Performing check of known rootkit files and directories | + | |
- | 55808 Trojan - Variant A [ Not found ] | + | |
- | ADM Worm [ Not found ] | + | |
- | AjaKit Rootkit | + | |
- | Adore Rootkit | + | |
- | aPa Kit [ Not found ] | + | |
- | Apache Worm [ Not found ] | + | |
- | Ambient (ark) Rootkit | + | |
- | Balaur Rootkit | + | |
- | BeastKit Rootkit | + | |
- | beX2 Rootkit | + | |
- | BOBKit Rootkit | + | |
- | cb Rootkit | + | |
- | CiNIK Worm (Slapper.B variant) | + | |
- | Danny-Boy' | + | |
- | Devil RootKit | + | |
- | Diamorphine LKM [ Not found ] | + | |
- | Dica-Kit Rootkit | + | |
- | Dreams Rootkit | + | |
- | Duarawkz Rootkit | + | |
- | Ebury backdoor | + | |
- | Enye LKM [ Not found ] | + | |
- | Flea Linux Rootkit | + | |
- | Fu Rootkit | + | |
- | Fuck`it Rootkit | + | |
- | GasKit Rootkit | + | |
- | Heroin LKM [ Not found ] | + | |
- | HjC Kit [ Not found ] | + | |
- | ignoKit Rootkit | + | |
- | IntoXonia-NG Rootkit | + | |
- | Irix Rootkit | + | |
- | Jynx Rootkit | + | |
- | Jynx2 Rootkit | + | |
- | KBeast Rootkit | + | |
- | Kitko Rootkit | + | |
- | Knark Rootkit | + | |
- | ld-linuxv.so Rootkit | + | |
- | Li0n Worm [ Not found ] | + | |
- | Lockit / LJK2 Rootkit | + | |
- | Mokes backdoor | + | |
- | Mood-NT Rootkit | + | |
- | MRK Rootkit | + | |
- | Ni0 Rootkit | + | |
- | Ohhara Rootkit | + | |
- | Optic Kit (Tux) Worm [ Not found ] | + | |
- | Oz Rootkit | + | |
- | Phalanx Rootkit | + | |
- | Phalanx2 Rootkit | + | |
- | Phalanx2 Rootkit (extended tests) | + | |
- | Portacelo Rootkit | + | |
- | R3dstorm Toolkit | + | |
- | RH-Sharpe' | + | |
- | RSHA's Rootkit | + | |
- | Scalper Worm [ Not found ] | + | |
- | Sebek LKM [ Not found ] | + | |
- | Shutdown Rootkit | + | |
- | SHV4 Rootkit | + | |
- | SHV5 Rootkit | + | |
- | Sin Rootkit | + | |
- | Slapper Worm [ Not found ] | + | |
- | Sneakin Rootkit | + | |
- | ' | + | |
- | Suckit Rootkit | + | |
- | Superkit Rootkit | + | |
- | TBD (Telnet BackDoor) | + | |
- | TeLeKiT Rootkit | + | |
- | T0rn Rootkit | + | |
- | trNkit Rootkit | + | |
- | Trojanit Kit [ Not found ] | + | |
- | Tuxtendo Rootkit | + | |
- | URK Rootkit | + | |
- | Vampire Rootkit | + | |
- | VcKit Rootkit | + | |
- | Volc Rootkit | + | |
- | Xzibit Rootkit | + | |
- | zaRwT.KiT Rootkit | + | |
- | ZK Rootkit | + | |
- | + | ||
- | Performing additional rootkit checks | + | |
- | Suckit Rootkit additional checks | + | |
- | Checking for possible rootkit files and directories | + | |
- | Checking for possible rootkit strings | + | |
- | + | ||
- | Performing malware checks | + | |
- | Checking running processes for suspicious files [ None found ] | + | |
- | Checking for login backdoors | + | |
- | Checking for sniffer log files [ None found ] | + | |
- | Checking for suspicious directories | + | |
- | Checking for suspicious (large) shared memory segments | + | |
- | Checking for Apache backdoor | + | |
- | + | ||
- | Performing Linux specific checks | + | |
- | Checking loaded kernel modules | + | |
- | Checking kernel module names [ OK ] | + | |
- | + | ||
- | Checking the network... | + | |
- | + | ||
- | Performing checks on the network ports | + | |
- | Checking for backdoor ports [ None found ] | + | |
- | + | ||
- | Performing checks on the network interfaces | + | |
- | Checking for promiscuous interfaces | + | |
- | + | ||
- | Checking the local host... | + | |
- | + | ||
- | Performing system boot checks | + | |
- | Checking for local host name [ Found ] | + | |
- | Checking for system startup files [ Found ] | + | |
- | Checking system startup files for malware | + | |
- | + | ||
- | Performing group and account checks | + | |
- | Checking for passwd file [ Found ] | + | |
- | Checking for root equivalent (UID 0) accounts | + | |
- | Checking for passwordless accounts | + | |
- | Checking for passwd file changes | + | |
- | Checking for group file changes | + | |
- | Checking root account shell history files [ OK ] | + | |
- | + | ||
- | Performing system configuration file checks | + | |
- | Checking for an SSH configuration file [ Found ] | + | |
- | Checking if SSH root access is allowed | + | |
- | Checking if SSH protocol v1 is allowed | + | |
- | Checking for other suspicious configuration settings | + | |
- | Checking for a running system logging daemon | + | |
- | Checking for a system logging configuration file [ Found ] | + | |
- | Checking if syslog remote logging is allowed | + | |
- | + | ||
- | Performing filesystem checks | + | |
- | Checking /dev for suspicious file types [ None found ] | + | |
- | Checking for hidden files and directories | + | |
System checks summary | System checks summary | ||
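Review bot: the two "..." lines that replace the removed output do not say what was elided, so the sample now jumps from the path listing straight to "System checks summary". The removed lines covered the "Checking for rootkits...", "Checking the network..." and "Checking the local host..." sections, which is where a reader sees what the [ Not found ], [ None found ], [ OK ] and [ Found ] results look like. Consider keeping one representative line per section, or adding a sentence before the block that names the sections cut, so that readers comparing their own run do not assume those checks were skipped.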
Line 413: | Line 158: | ||
Please check the log file (/ | Please check the log file (/ | ||
- | </WRAP> | + | </code> |
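Review bot: the closing tag changes from </WRAP> to </code>, but the matching opening tag is outside this hunk, so it cannot be confirmed here that the block is opened with <code>. Please check that the opener was changed in the same revision; a mismatched pair would leave the output block unclosed, and the "Please check the log file" line would be parsed as wiki markup instead of shown verbatim.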
systems/media_server/secure_the_server/install_rkhunter.1748645796.txt.gz · Last modified: 2025/05/30 22:56 by peter