Бормотухи.НЕТ

14.06.2010, 13:29   #1
Serberg
Checking Ubuntu Linux for rootkits.

First, open a terminal or connect to the server over SSH. You will be asked to log in, after which information about the system state is displayed:

Code:
  System information as of Mon Jun 14 11:00:01 CEST 2010

  System load:  3.73               Swap usage:  0%     Users logged in: 0
  Usage of /:   4.7% of 141.91GB   Temperature: 48 C
  Memory usage: 51%                Processes:   118

  Graph this data and manage this system at https://landscape.canonical.com/

48 packages can be updated.
82 updates are security updates.

Now install the chkrootkit utility with the command:

sudo apt-get install chkrootkit

Output like the following appears:

Code:
root@sds:~# sudo apt-get install chkrootkit
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  binutils
Suggested packages:
  binutils-doc
The following NEW packages will be installed:
  binutils chkrootkit
0 upgraded, 2 newly installed, 0 to remove and 43 not upgraded.
Need to get 1853kB of archives.
After this operation, 9515kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 ftp://mirror.hetzner.de jaunty/main binutils 2.19.1-0ubuntu3 [1554kB]
Get:2 ftp://mirror.hetzner.de jaunty/main chkrootkit 0.48-9 [299kB]
Fetched 1853kB in 0s (3979kB/s)
Preconfiguring packages ...
Selecting previously deselected package binutils.
(Reading database ... 32078 files and directories currently installed.)
Unpacking binutils (from .../binutils_2.19.1-0ubuntu3_i386.deb) ...
Selecting previously deselected package chkrootkit.
Unpacking chkrootkit (from .../chkrootkit_0.48-9_i386.deb) ...
Processing triggers for man-db ...
Setting up binutils (2.19.1-0ubuntu3) ...

Setting up chkrootkit (0.48-9) ...

Processing triggers for libc6 ...
ldconfig deferred processing now taking place

After installation, run the rootkit check with the command:

Code:
sudo chkrootkit

The results of the system check are then displayed:

Code:
root@sds:~# sudo chkrootkit
ROOTDIR is `/'
Checking `amd'...                                           not found
Checking `basename'...                                      not infected
Checking `biff'...                                          not found
Checking `chfn'...                                          not infected
Checking `chsh'...                                          not infected
Checking `cron'...                                          not infected
Checking `crontab'...                                       not infected
Checking `date'...                                          not infected
Checking `du'...                                            not infected
Checking `dirname'...                                       not infected
Checking `echo'...                                          not infected
Checking `egrep'...                                         not infected
Checking `env'...                                           not infected
Checking `find'...                                          not infected
Checking `fingerd'...                                       not found
Checking `gpm'...                                           not found
Checking `grep'...                                          not infected
Checking `hdparm'...                                        not infected
Checking `su'...                                            not infected
Checking `ifconfig'...                                      not infected
Checking `inetd'...                                         not infected
Checking `inetdconf'...                                     not infected
Checking `identd'...                                        not found
Checking `init'...                                          not infected
Checking `killall'...                                       not infected
Checking `ldsopreload'...                                   not infected
Checking `login'...                                         not infected
Checking `ls'...                                            not infected
Checking `lsof'...                                          not infected
Checking `mail'...                                          not infected
Checking `mingetty'...                                      not found
Checking `netstat'...                                       not infected
Checking `named'...                                         not infected
Checking `passwd'...                                        not infected
Checking `pidof'...                                         not infected
Checking `pop2'...                                          not found
Checking `pop3'...                                          not found
Checking `ps'...                                            not infected
Checking `pstree'...                                        not infected
Checking `rpcinfo'...                                       not infected
Checking `rlogind'...                                       not found
Checking `rshd'...                                          not found
Checking `slogin'...                                        not infected
Checking `sendmail'...                                      not infected
Checking `sshd'...                                          not infected
Checking `syslogd'...                                       not infected
Checking `tar'...                                           not infected
Checking `tcpd'...                                          not infected
Checking `tcpdump'...                                       not infected
Checking `top'...                                           not infected
Checking `telnetd'...                                       not found
Checking `timed'...                                         not found
Checking `traceroute'...                                    not found
Checking `vdir'...                                          not infected
Checking `w'...                                             not infected
Checking `write'...                                         not infected
Checking `aliens'...                                        no suspect files
Searching for sniffer's logs, it may take a while...        nothing found
Searching for rootkit HiDrootkit's default files...         nothing found
Searching for rootkit t0rn's default files...               nothing found
Searching for t0rn's v8 defaults...                         nothing found
Searching for rootkit Lion's default files...               nothing found
Searching for rootkit RSHA's default files...               nothing found
Searching for rootkit RH-Sharpe's default files...          nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
/lib/init/rw/.ramfs /lib/modules/2.6.28-15-server/volatile/.mounted

Searching for LPD Worm files and dirs...                    nothing found
Searching for Ramen Worm files and dirs...                  nothing found
Searching for Maniac files and dirs...                      nothing found
Searching for RK17 files and dirs...                        nothing found
Searching for Ducoci rootkit...                             nothing found
Searching for Adore Worm...                                 nothing found
Searching for ShitC Worm...                                 nothing found
Searching for Omega Worm...                                 nothing found
Searching for Sadmind/IIS Worm...                           nothing found
Searching for MonKit...                                     nothing found
Searching for Showtee...                                    nothing found
Searching for OpticKit...                                   nothing found
Searching for T.R.K...                                      nothing found
Searching for Mithra...                                     nothing found
Searching for LOC rootkit...                                nothing found
Searching for Romanian rootkit...                           nothing found
Searching for Suckit rootkit...                             nothing found
Searching for Volc rootkit...                               nothing found
Searching for Gold2 rootkit...                              nothing found
Searching for TC2 Worm default files and dirs...            nothing found
Searching for Anonoying rootkit default files and dirs...   nothing found
Searching for ZK rootkit default files and dirs...          nothing found
Searching for ShKit rootkit default files and dirs...       nothing found
Searching for AjaKit rootkit default files and dirs...      nothing found
Searching for zaRwT rootkit default files and dirs...       nothing found
Searching for Madalin rootkit default files...              nothing found
Searching for Fu rootkit default files...                   nothing found
Searching for ESRK rootkit default files...                 nothing found
Searching for rootedoor...                                  nothing found
Searching for ENYELKM rootkit default files...              nothing found
Searching for common ssh-scanners default files...          nothing found
Searching for anomalies in shell history files...           nothing found
Checking `asp'...                                           not infected
Checking `bindshell'...                                     not infected
Checking `lkm'...                                           chkproc: nothing detected
chkdirs: nothing detected
Checking `rexedcs'...                                       not found
Checking `sniffer'...                                       lo: not promisc and no packet sniffer sockets
eth0: not promisc and no packet sniffer sockets
Checking `w55808'...                                        not infected
Checking `wted'...                                          chkwtmp: nothing deleted
Checking `scalper'...                                       not infected
Checking `slapper'...                                       not infected
Checking `z2'...                                            chklastlog: nothing deleted
root@sds:~#

Nothing was found, so you can breathe easy and close the terminal )
2 user(s) said thanks.
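
A report like the one in the post is long, and the one result in it that is not a clean verdict (two paths listed under "Searching for suspicious files and dirs") is easy to scroll past. The following is an added example, not part of the original post or of chkrootkit: a POSIX shell filter that prints only the results still needing review. The function names and the allowlist file are assumptions made for this example.

```shell
#!/bin/sh
# Added example: list every chkrootkit result that is not a clean verdict.
# Clean verdict strings as printed in the chkrootkit 0.48 report in the post.
CLEAN_RE='(not infected|not found|nothing found|nothing detected|nothing deleted|no suspect files|no packet sniffer sockets)$'

# chk_findings [ALLOWLIST] < report   ->  "check<TAB>finding" per open item.
# ALLOWLIST is an optional file of already-reviewed paths, one per line
# (a convention assumed for this example, not a chkrootkit feature).
chk_findings() {
  awk -v clean="$CLEAN_RE" -v allow="${1:-}" '
    BEGIN { while (allow != "" && (getline p < allow) > 0) ok[p] = 1 }
    {
      sub(/[ \t\r]+$/, "")
      if ($0 == "" || $0 ~ /^ROOTDIR is/) next
      head = ($0 ~ /^(Checking|Searching) /)
      if (head) { check = $0; sub(/\.\.\..*$/, "", check) }  # current check name
      # Skip clean verdicts and bare headers whose results follow on later lines.
      if ($0 ~ clean || (head && $0 ~ /\.\.\.$/)) next
      if (head) { sub(/^.*\.\.\.[ \t]*/, ""); print check "\t" $0; next }
      if ($0 !~ /^\//) { print check "\t" $0; next }
      # Path lists are space-separated: report each path not on the allowlist.
      n = split($0, f, " ")
      for (i = 1; i <= n; i++) if (!(f[i] in ok)) print check "\t" f[i]
    }'
}

# chk_gate [ALLOWLIST] < report: print open items, return 1 if any remain.
chk_gate() {
  _out=$(chk_findings "$@")
  [ -z "$_out" ] && return 0
  printf '%s\n' "$_out"
  return 1
}

# Sample input: lines copied from the report in the post.
sample_report() { cat <<'EOF'
ROOTDIR is `/'
Checking `ls'...                                            not infected
Searching for suspicious files and dirs, it may take a while...
/lib/init/rw/.ramfs /lib/modules/2.6.28-15-server/volatile/.mounted

Checking `lkm'...                                           chkproc: nothing detected
chkdirs: nothing detected
Checking `sniffer'...                                       lo: not promisc and no packet sniffer sockets
eth0: not promisc and no packet sniffer sockets
EOF
}

sample_report | chk_findings
```

On a live host the same filter reads the scanner's output directly, as in `sudo chkrootkit | chk_findings`. Check each listed path on the host (for example, which package owns it) before adding it to the allowlist.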