The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

7 POSSIBLE Trojans Detected

Discussion in 'General Discussion' started by mrcancel, Jun 8, 2007.

  1. mrcancel

    mrcancel Registered

    Joined:
    Jun 4, 2007
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Hello,
    Sorry for my english and my newbie !
    I have proceed scan for trojans on WHM and result below :
    Please help me explain them for me ! They are trojans or not ???
    Thanks you !
     
  2. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    667
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    Run rkhunter and chkrootkit, instead through shell. The trojan scanner in WHM is junk.
     
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    But but but ... the trojan scanner in cpanel IS junk!!
     
  4. DaemonLee

    DaemonLee Member

    Joined:
    Jul 8, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    It very much is, junk.


    I 2nd the recommendations on chrootkit and rkhunter. Please use the aforementioned and then get back to us.
     
  5. Daniel15

    Daniel15 Well-Known Member

    Joined:
    Oct 7, 2006
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    Yep, it's definitely junk... Here's what it returned for me:
    None of those files are trojans, I checked them myself.

    Yep, those dots it returns are quite useful :P
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    The reason you get so many false-positives is that you have OS vendor installed rpms which cPanel overwrites with copies compiled from source. The Trojan function simply performs an rpm -V on the rpm database and reports the inconsistencies that this causes.

    For that reason, it isn't that much practical use and you're better off using a tool that monitors for binary/library file changes.
     
Loading...

Share This Page