rkhunter Plesk9.2

Diskutiere rkhunter Plesk9.2 im Sicherheit Forum im Bereich Plesk-Forum; Guten Morgen Liebes Forum, nach dem update von plesk 9.1 auf 9.2 habe ich ein kleines problem mit rkhunter! ich poste mal die ausgabe: [ ...

Ergebnis 1 bis 3 von 3
  1. 30.04.2009 09:45 #1
    visionmaster

    rkhunter Plesk9.2

    Guten Morgen Liebes Forum,

    nach dem update von plesk 9.1 auf 9.2 habe ich ein kleines problem mit rkhunter!

    ich poste mal die ausgabe:

    [ Rootkit Hunter version 1.3.4 ]

    Checking rkhunter data files...
    Checking file mirrors.dat [ No update ]
    Checking file programs_bad.dat [ No update ]
    Checking file backdoorports.dat [ No update ]
    Checking file suspscan.dat [ No update ]
    Checking file i18n/cn [ No update ]
    Checking file i18n/de [ No update ]
    Checking file i18n/en [ No update ]
    Checking file i18n/zh [ No update ]
    Checking file i18n/zh.utf8 [ No update ]
    [ Rootkit Hunter version 1.3.4 ]

    Checking system commands...

    Performing 'strings' command checks
    Checking 'strings' command [ OK ]

    Performing 'shared libraries' checks
    Checking for preloading variables [ None found ]
    Checking for preload file [ Not found ]
    Checking LD_LIBRARY_PATH variable [ Not found ]

    Performing file properties checks
    Checking for prerequisites [ Warning ]
    /bin/bash [ OK ]
    /bin/cat [ OK ]
    /bin/chmod [ OK ]
    /bin/chown [ OK ]
    /bin/cp [ OK ]
    /bin/date [ OK ]
    /bin/df [ OK ]
    /bin/dmesg [ OK ]
    /bin/echo [ OK ]
    /bin/ed [ OK ]
    /bin/egrep [ Warning ]
    /bin/fgrep [ Warning ]
    /bin/fuser [ OK ]
    /bin/grep [ OK ]
    /bin/kill [ OK ]
    /bin/login [ OK ]
    /bin/ls [ OK ]
    /bin/lsmod [ OK ]
    /bin/mktemp [ OK ]
    /bin/more [ OK ]
    /bin/mount [ OK ]
    /bin/mv [ OK ]
    /bin/netstat [ OK ]
    /bin/ps [ OK ]
    /bin/pwd [ OK ]
    /bin/readlink [ OK ]
    /bin/sed [ OK ]
    /bin/sh [ OK ]
    /bin/su [ OK ]
    /bin/touch [ OK ]
    /bin/uname [ OK ]
    /bin/which [ Warning ]
    /usr/bin/awk [ OK ]
    /usr/bin/basename [ OK ]
    /usr/bin/chattr [ OK ]
    /usr/bin/cut [ OK ]
    /usr/bin/diff [ OK ]
    /usr/bin/dirname [ OK ]
    /usr/bin/dpkg [ OK ]
    /usr/bin/dpkg-query [ OK ]
    /usr/bin/du [ OK ]
    /usr/bin/env [ OK ]
    /usr/bin/file [ OK ]
    /usr/bin/find [ OK ]
    /usr/bin/GET [ OK ]
    /usr/bin/groups [ Warning ]
    /usr/bin/head [ OK ]
    /usr/bin/id [ OK ]
    /usr/bin/killall [ OK ]
    /usr/bin/last [ OK ]
    /usr/bin/lastlog [ OK ]
    /usr/bin/ldd [ Warning ]
    /usr/bin/locate [ OK ]
    /usr/bin/logger [ OK ]
    /usr/bin/lsattr [ OK ]
    /usr/bin/mail [ OK ]
    /usr/bin/md5sum [ OK ]
    /usr/bin/newgrp [ OK ]
    /usr/bin/passwd [ OK ]
    /usr/bin/perl [ OK ]
    /usr/bin/pstree [ OK ]
    /usr/bin/rkhunter [ OK ]
    /usr/bin/runcon [ OK ]
    /usr/bin/sha1sum [ OK ]
    /usr/bin/size [ OK ]
    /usr/bin/sort [ OK ]
    /usr/bin/stat [ OK ]
    /usr/bin/strings [ OK ]
    /usr/bin/tail [ OK ]
    /usr/bin/test [ OK ]
    /usr/bin/top [ OK ]
    /usr/bin/touch [ OK ]
    /usr/bin/tr [ OK ]
    /usr/bin/uniq [ OK ]
    /usr/bin/users [ OK ]
    /usr/bin/vmstat [ OK ]
    /usr/bin/w [ OK ]
    /usr/bin/watch [ OK ]
    /usr/bin/wc [ OK ]
    /usr/bin/wget [ OK ]
    /usr/bin/whatis [ OK ]
    /usr/bin/whereis [ OK ]
    /usr/bin/which [ OK ]
    /usr/bin/who [ OK ]
    /usr/bin/whoami [ OK ]
    /usr/bin/gawk [ OK ]
    /usr/bin/lwp-request [ Warning ]
    /usr/bin/w.procps [ OK ]
    /sbin/depmod [ OK ]
    /sbin/ifconfig [ OK ]
    /sbin/ifdown [ OK ]
    /sbin/ifup [ OK ]
    /sbin/init [ OK ]
    /sbin/insmod [ OK ]
    /sbin/lsmod [ OK ]
    /sbin/modinfo [ OK ]
    /sbin/modprobe [ OK ]
    /sbin/rmmod [ OK ]
    /sbin/runlevel [ OK ]
    /sbin/sulogin [ OK ]
    /sbin/sysctl [ OK ]
    /sbin/syslogd [ OK ]
    /usr/sbin/adduser [ OK ]
    /usr/sbin/chroot [ OK ]
    /usr/sbin/cron [ OK ]
    /usr/sbin/groupadd [ OK ]
    /usr/sbin/groupdel [ OK ]
    /usr/sbin/groupmod [ OK ]
    /usr/sbin/grpck [ OK ]
    /usr/sbin/inetd [ OK ]
    /usr/sbin/nologin [ OK ]
    /usr/sbin/pwck [ OK ]
    /usr/sbin/tcpd [ OK ]
    /usr/sbin/useradd [ OK ]
    /usr/sbin/userdel [ OK ]
    /usr/sbin/usermod [ OK ]
    /usr/sbin/vipw [ OK ]
    /usr/sbin/xinetd [ OK ]

    [Press <ENTER> to continue]

    Checking for rootkits...

    Performing check of known rootkit files and directories
    55808 Trojan - Variant A [ Not found ]
    ADM Worm [ Not found ]
    AjaKit Rootkit [ Not found ]
    aPa Kit [ Not found ]
    Apache Worm [ Not found ]
    Ambient (ark) Rootkit [ Not found ]
    Balaur Rootkit [ Not found ]
    BeastKit Rootkit [ Not found ]
    beX2 Rootkit [ Not found ]
    BOBKit Rootkit [ Not found ]
    CiNIK Worm (Slapper.B variant) [ Not found ]
    Danny-Boy's Abuse Kit [ Not found ]
    Devil RootKit [ Not found ]
    Dica-Kit Rootkit [ Not found ]
    Dreams Rootkit [ Not found ]
    Duarawkz Rootkit [ Not found ]
    Enye LKM [ Not found ]
    Flea Linux Rootkit [ Not found ]
    FreeBSD Rootkit [ Not found ]
    Fuck`it Rootkit [ Not found ]
    GasKit Rootkit [ Not found ]
    Heroin LKM [ Not found ]
    HjC Kit [ Not found ]
    ignoKit Rootkit [ Not found ]
    ImperalsS-FBRK Rootkit [ Not found ]
    IntoXonia-NG Rootkit [ Not found ]
    Irix Rootkit [ Not found ]
    Kitko Rootkit [ Not found ]
    Knark Rootkit [ Not found ]
    Li0n Worm [ Not found ]
    Lockit / LJK2 Rootkit [ Not found ]
    Mood-NT Rootkit [ Not found ]
    MRK Rootkit [ Not found ]
    Ni0 Rootkit [ Not found ]
    Ohhara Rootkit [ Not found ]
    Optic Kit (Tux) Worm [ Not found ]
    Oz Rootkit [ Not found ]
    Phalanx Rootkit [ Not found ]
    Phalanx Rootkit (strings) [ Not found ]
    Phalanx2 Rootkit [ Not found ]
    Phalanx2 Rootkit (extended tests) [ Not found ]
    Portacelo Rootkit [ Not found ]
    R3dstorm Toolkit [ Not found ]
    RH-Sharpe's Rootkit [ Not found ]
    RSHA's Rootkit [ Not found ]
    Scalper Worm [ Not found ]
    Sebek LKM [ Not found ]
    Shutdown Rootkit [ Not found ]
    SHV4 Rootkit [ Not found ]
    SHV5 Rootkit [ Not found ]
    Sin Rootkit [ Not found ]
    Slapper Worm [ Not found ]
    Sneakin Rootkit [ Not found ]
    Suckit Rootkit [ Not found ]
    SunOS Rootkit [ Not found ]
    SunOS / NSDAP Rootkit [ Not found ]
    Superkit Rootkit [ Not found ]
    TBD (Telnet BackDoor) [ Not found ]
    TeLeKiT Rootkit [ Not found ]
    T0rn Rootkit [ Not found ]
    Trojanit Kit [ Not found ]
    Tuxtendo Rootkit [ Not found ]
    URK Rootkit [ Not found ]
    Vampire Rootkit [ Not found ]
    VcKit Rootkit [ Not found ]
    Volc Rootkit [ Not found ]
    X-Org SunOS Rootkit [ Not found ]
    zaRwT.KiT Rootkit [ Not found ]

    Performing additional rootkit checks
    Suckit Rookit additional checks [ OK ]
    Checking for possible rootkit files and directories [ None found ]
    Checking for possible rootkit strings [ None found ]

    Performing malware checks
    Checking running processes for suspicious files [ Skipped ]
    Checking for login backdoors [ None found ]
    Checking for suspicious directories [ None found ]
    Checking for sniffer log files [ None found ]

    Performing trojan specific checks
    Checking for enabled xinetd services [ Warning ]
    Checking for Apache backdoor [ Not found ]

    Performing Linux specific checks
    Checking loaded kernel modules [ OK ]
    Checking kernel module names [ OK ]

    [Press <ENTER> to continue]

    Checking the network...

    Performing check for backdoor ports
    Checking for UDP port 2001 [ Not found ]
    Checking for TCP port 2006 [ Not found ]
    Checking for TCP port 2128 [ Not found ]
    Checking for TCP port 14856 [ Not found ]
    Checking for TCP port 47107 [ Not found ]
    Checking for TCP port 60922 [ Not found ]

    Performing checks on the network interfaces
    Checking for promiscuous interfaces [ None found ]

    [Press <ENTER> to continue]

    Checking the local host...

    Performing system boot checks
    Checking for local host name [ Found ]
    Checking for system startup files [ Found ]
    Checking system startup files for malware [ None found ]

    Performing group and account checks
    Checking for passwd file [ Found ]
    Checking for root equivalent (UID 0) accounts [ None found ]
    Checking for passwordless accounts [ None found ]
    Checking for passwd file changes [ None found ]
    Checking for group file changes [ None found ]
    Checking root account shell history files [ OK ]

    Performing system configuration file checks
    Checking for SSH configuration file [ Found ]
    Checking if SSH root access is allowed [ Warning ]
    Checking if SSH protocol v1 is allowed [ Not allowed ]
    Checking for running syslog daemon [ Found ]
    Checking for syslog configuration file [ Found ]
    Checking if syslog remote logging is allowed [ Not allowed ]

    Performing filesystem checks
    Checking /dev for suspicious file types [ None found ]
    Checking for hidden files and directories [ Warning ]

    [Press <ENTER> to continue]

    Checking application versions...

    Checking version of GnuPG [ OK ]
    Checking version of Bind DNS [ OK ]
    Checking version of OpenSSL [ OK ]
    Checking version of PHP [ OK ]
    Checking version of ProFTPd [ OK ]
    Checking version of OpenSSH [ OK ]


    System checks summary
    =====================

    File properties checks...
    Required commands check failed
    Files checked: 118
    Suspect files: 6

    Rootkit checks...
    Rootkits checked : 114
    Possible rootkits: 0

    Applications checks...
    Applications checked: 6
    Suspect applications: 0

    The system checks took: 23 seconds

    All results have been written to the logfile (/var/log/rkhunter.log)

    One or more warnings have been found while checking the system.
    Please check the log file (/var/log/rkhunter.log)

    ich bin mir sicher das es vor dem update nicht war....
    hat jemand eine idee ? sonst scheint alles zu klappen.
    •    

      MisterAd


        
       
  2. 06.05.2009 15:16 #2
    visionmaster

    Re: rkhunter Plesk9.2

    hm... schade das keiner antwortet...
  3. 24.02.2010 10:29 #3
    tbohl

    AW: rkhunter Plesk9.2

    hallo,

    habe auch das problem. gibt es dafür eine erklärung?

    beste grüße

    tom

rkhunter Plesk9.2

« Schutz von übergeordneten Verzeichnissen | Suche Dringend einen Profi zum wiederherstellen eines Plesk Backup »

Ähnliche Themen zu rkhunter Plesk9.2

  1. Plesk9: Backup fehlgeschlagen

    Plesk9: Backup fehlgeschlagen: Hallo. Habe da ein kleines Problemchen mit Plesk 9.2.1. Bereits seit einiger Zeit habe ich ein...


  2. Plesk9 und FTP-Backup

    Plesk9 und FTP-Backup: Hallo, ich habe ein Plesk 8.6 (bei 1und1 als Rootserver mit Suse 10.3) und habe Backups auf den...


  3. XML-Api in Plesk9 -> wie???

    XML-Api in Plesk9 -> wie???: Hallo, ich würde gern user und domains über die xml-schnittstelle anlegen, jedoch weis ich nicht,...


  4. plesk9.x mod_rewrite

    plesk9.x mod_rewrite: Moin zusammen, ich gehöre leider, durch unglückliche Umstände, zu den Plesk9 geschädigten....


  5. mod_rewrite | php-cgi | Plesk9

    mod_rewrite | php-cgi | Plesk9: Moin zusammen, sobald ich für eine Domain php als cgi ausführe bekomme ich ins error.log des...


Besucher kamen mit folgenden Begriffen auf die Seite:

plesk rkhunter

rkhunter plesk

rkhunter warnings found for
rkhunter
rkhunter xinetd
Checking for enabled xinetd services
plesk rkhunter update
[rkhunter] Warnings found
rkhunter Checking for prerequisites
rkhunter warnings
Rkhunter Checking for hidden files and directories [ Warning ]
plesk rkhunter Warnings found for
Rootkit Hunter version 1.3.4
PLESK [rkhunter] Warnings found for
Performing trojan specific checks Checking for enabled xinetd services
plesk rkhunter warning
[rkhunter] Warnings found for plesk
Checking for hidden files and directories
SHV4 Rootkit
Checking for prerequisites rkhunter
[rkhunter] Warnings found for www
rkhunter /usr/bin/mail warning
SHV4 Rootkit SHV5 Rootkit
rkhunter Checking for hidden files and directories warning
Checking rkhunter data files