Yesterday onwards lot of sites hosted in server is redirecting to server default home page, after that we checked
roothkits through rootkit hunter it t is showing some binaries are BAD, is it a hack, how can i fix this
/bin/ls [ OK ]
/bin/mount [ OK ]
/bin/netstat [ OK ]
/bin/ps [ OK ]
/bin/su [ OK ]
/sbin/chkconfig [ BAD ]
/sbin/depmod [ BAD ]
/sbin/ifconfig [ OK ]
/sbin/init [ OK ]
/sbin/insmod [ BAD ]
/sbin/modinfo [ BAD ]
/sbin/runlevel [ OK ]
/sbin/sysctl [ OK ]
/sbin/syslogd [ OK ]
/usr/bin/file [ OK ]
/usr/bin/find [ BAD ]
/usr/bin/groups [ OK ]
MD5
MD5 compared: 119
Incorrect MD5 checksums: 5
File scan
Scanned files: 310
Possible infected files: 0
Possible rootkits:
Scanning took 228 seconds
roothkits through rootkit hunter it t is showing some binaries are BAD, is it a hack, how can i fix this
/bin/ls [ OK ]
/bin/mount [ OK ]
/bin/netstat [ OK ]
/bin/ps [ OK ]
/bin/su [ OK ]
/sbin/chkconfig [ BAD ]
/sbin/depmod [ BAD ]
/sbin/ifconfig [ OK ]
/sbin/init [ OK ]
/sbin/insmod [ BAD ]
/sbin/modinfo [ BAD ]
/sbin/runlevel [ OK ]
/sbin/sysctl [ OK ]
/sbin/syslogd [ OK ]
/usr/bin/file [ OK ]
/usr/bin/find [ BAD ]
/usr/bin/groups [ OK ]
MD5
MD5 compared: 119
Incorrect MD5 checksums: 5
File scan
Scanned files: 310
Possible infected files: 0
Possible rootkits:
Scanning took 228 seconds