The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Are these trojans?

Discussion in 'General Discussion' started by BraveX, Nov 23, 2005.

  1. BraveX

    BraveX Well-Known Member

    Joined:
    Apr 8, 2005
    Messages:
    155
    Likes Received:
    0
    Trophy Points:
    16
    I just updated my cpanel to the latest release version and did a security scan. For the first time since I've had cpanel (about 6 mos), cpanel tells me there may be possible trojan horses on the server and returned a list of 15. I know from reading this forum that sometimes some of them are legit.

    Should I be worried about any of these?

    Thanks in advance for any assistance.




    Scanning for Trojan Horses.....
    .
    .
    Possible Trojan - /usr/lib/python2.2/site-packages/libxml2mod.la
    .
    Possible Trojan - /usr/lib/python2.2/site-packages/libxml2mod.so
    .
    .Possible Trojan - /usr/bin/xml2-config

    Possible Trojan - /usr/lib/libxml2.la

    Possible Trojan - /usr/bin/dbiprof

    Possible Trojan - /usr/bin/xmlcatalog
    .
    Possible Trojan - /usr/bin/xmllint
    .
    Possible Trojan - /usr/bin/xsltproc

    Possible Trojan - /usr/bin/pod2man
    .
    Possible Trojan - /usr/bin/pod2usage

    Possible Trojan - /usr/bin/podchecker

    Possible Trojan - /usr/bin/podselect

    Possible Trojan - /usr/bin/pstruct
    .
    Possible Trojan - /usr/bin/splain

    Possible Trojan - /usr/bin/xsubpp
    .
    15 POSSIBLE Trojans Detected
     
  2. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    From what I understand, the trojan checker in WHM is not too reliable as it often returns a large proportion of false positives (i.e. items marked as trojans that aren't).

    You may well be better off checking your system (on a daily automated basis) with chkrootkit and rkhunter.

    http://www.chkrootkit.org/
    http://www.rootkit.nl/
     

Share This Page