The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Am I rooted?

Discussion in 'General Discussion' started by kmsd, Mar 12, 2006.

  1. kmsd

    kmsd Well-Known Member

    Joined:
    May 21, 2003
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    6
    See the four bad System tools. Am I in trouble here?

    Code:
    Rootkit Hunter 1.2.8 is running
    
    Determining OS... Ready
    
    
    Checking binaries
    * Selftests
        Strings (command)     [ OK ]
    
    
    * System tools
     Performing 'known good' check...
      /bin/cat  [ OK ]
      /bin/chmod  [ OK ]
      /bin/chown  [ OK ]
      /bin/dmesg  [ BAD ]
      /bin/egrep  [ OK ]
      /bin/env  [ OK ]
      /bin/fgrep  [ OK ]
      /bin/grep  [ OK ]
      /bin/kill  [ BAD ]
      /bin/login  [ BAD ]
      /bin/ls  [ OK ]
      /bin/mount  [ BAD ]
      /bin/netstat  [ OK ]
      /bin/ps  [ OK ]
      /bin/su  [ OK ]
      /sbin/chkconfig  [ OK ]
      /sbin/depmod  [ OK ]
      /sbin/ifconfig  [ OK ]
      /sbin/init  [ OK ]
      /sbin/insmod  [ OK ]
      /sbin/modinfo  [ OK ]
      /sbin/runlevel  [ OK ]
      /sbin/sysctl  [ OK ]
      /sbin/syslogd  [ OK ]
      /usr/bin/file  [ OK ]
      /usr/bin/find  [ OK ]
      /usr/bin/kill  [ OK ]
      /usr/bin/killall  [ OK ]
      /usr/bin/lsattr  [ OK ]
      /usr/bin/pstree  [ OK ]
      /usr/bin/sha1sum  [ OK ]
      /usr/bin/stat  [ OK ]
      /usr/bin/users  [ OK ]
      /usr/bin/w  [ OK ]
      /usr/bin/watch  [ OK ]
      /usr/bin/who  [ OK ]
      /usr/bin/whoami  [ OK ]
    --------------------------------------------------------------------------------
    Rootkit Hunter found some bad or unknown hashes. This can be happen due replaced
    binaries or updated packages (which give other hashes). Be sure your hashes are
    fully updated (rkhunter --update). If you're in doubt about these hashes, contact
    the author (fill in the contact form).
    --------------------------------------------------------------------------------
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Not necessarily. What OS are you running? If it's RH9 with FedoraLegacy updates then it's because the rkhunter developers haven't updated 4 of the md5sums for those RH9 binaries and so shouldn't be anything to worry about.
     

Share This Page