Dail Chkrootkit Find Shell

Aug 26, 2007

shkrootkit sent one e-mail

Checking `bindshell'... INFECTED (PORTS: 465)
Checking `lkm'... You have 1 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed

what means?

View 4 Replies


ADVERTISEMENT

./chkrootkit.sh: Line 2: Cd: /downloads/chkrootkit-0.48/: No Such File Or Directory

Aug 6, 2008

I just try install
but as title I have this error
./chkrootkit.sh: line 2: cd: /downloads/chkrootkit-0.48/: No such file or directory
./chkrootkit.sh: line 3: ./chkrootkit: No such file or directory

Iím edite
pico /etc/cron.daily/chkrootkit.sh
and set it to
#!/bin/bash
cd /downloads/chkrootkit-0.48/
./chkrootkit | mail -s "Daily chkrootkit from Servername" ****@****.com

then I try make test by
cd /etc/cron.daily/

./chkrootkit.sh

and it give me this error
./chkrootkit.sh: line 2: cd: /downloads/chkrootkit-0.48/: No such file or directory .
./chkrootkit.sh: line 3: ./chkrootkit: No such file or directory

View 8 Replies View Related

Find Shell

Oct 9, 2007

How can i find shell in my server?

is a program that find them?

my server is linux / centos / cpanel control panel

how can i disable shell in my server?

and stop deface

View 5 Replies View Related

Anyone Know Where I Can Find Shell Hosting In Atlanta?

Jul 31, 2008

Anyone know where i can find shell hosting in Atlanta?

View 0 Replies View Related

Where Do I Find The Shell Command Feature

Jun 9, 2008

i am trying hard to understand how everything works, i just finished installing my CentOS 5.2 OS and need to install + Apache + MySQL + PHP/Perl.

Also i downloaded the apache file and tried to insatll it but it has to be done by giving a command via Bash shell for wht i understood, so i downloaded bash shell file. How and where do i enter the commands for installing these applications?

View 3 Replies View Related

How May I Use Of Chkrootkit?

Aug 13, 2007

i install it is for what? how may i use of it?

View 5 Replies View Related

Change Jail Shell To Normal Shell

Jul 8, 2008

Do any1 know how to change jail shell to normal shell?

View 14 Replies View Related

CHKROOTKIT Or RKHunter

Jul 29, 2009

which of the is better?

CHKROOTKIT or RKHunter?

i want to install and run it via ssh.

View 14 Replies View Related

Chkrootkit Log Has Errors

Jan 7, 2009

I have performed chkrootkit and got the following results. It suggests that there are a lot of problems. how would i get rid of these?

Checking `lsof'... not infected
Checking `mail'... not infected
Checking `mingetty'... not infected
Checking `netstat'... not infected
Checking `named'... not infected
Checking `passwd'... not infected
Checking `pidof'... not infected
Checking `pop2'... not found
Checking `pop3'... not found
Checking `ps'... not infected
Checking `pstree'... not infected
Checking `rpcinfo'... not infected
Checking `rlogind'... not found
Checking `rshd'... not found
Checking `slogin'... not infected
Checking `sendmail'... not infected
Checking `sshd'... not infected
Checking `syslogd'... not infected
Checking `tar'... not infected
Checking `tcpd'... not infected
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not infected
Checking `timed'... not found
Checking `traceroute'... not infected
Checking `vdir'... not infected
Checking `w'... not infected
Checking `write'... not infected
Checking `aliens'... no suspect files
Searching for sniffer's logs, it may take a while... nothing found
Searching for HiDrootkit's default dir... nothing found
Searching for t0rn's default files and dirs... nothing found
Searching for t0rn's v8 defaults... nothing found
Searching for Lion Worm default files and dirs... nothing found
Searching for RSHA's default files and dir... nothing found
Searching for RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...

View 14 Replies View Related

Rkhunter & Chkrootkit?

Jun 30, 2008

I've honestly never had to worry about protecting myself from exploits until this week, when I found out somebody agined access t othe server using an old script on an old account (teach me to delete client accounts when they leave me, it did!)

I'm working on a new server and going through lots of posts on better securing it, and two things that are suggested is installing chkrootkit and rkhunter, and adding them to the daily cron jobs. Learned how to install and set up the daily script for chkrootkit, but here's what I'd like to do that I'm not sure how to go about, I'd like to a) be notified ONLY if there are changes in the daily scans (especially since there are a couple of false positives I'm aware of) and b) be e-mailed a full report once a week, whether or not there were any changes.

I've got rkhunter installed as well, but I can't seem to find a script that will properly execute it and e-mail it to me. Does anybody have one that works? I'd also like to only get an e-mail if there are changes, except for a once weekly scan result.

View 3 Replies View Related

Rkhunter Vs. Chkrootkit - Best Way To Run

Dec 31, 2007

A couple days ago, I installed Rkhunter 1.3.0. I updated it, ran it, and put in my my crontab.root

30 23 * * * /usr/local/bin/rkhunter --cronjob > /dev/null

I just finished installing chkrootkit 0.48. I ran it and everything seems fine.

Is there a way to run this as a service?? I ask because in my VPS control panel, the security check still shows that Chkrootkit isn't installed.

Do I put it in the crontab.root file, or does it run as a service?

Also... Does it do the same thing as Rkhunter, or should I have them both installed?

View 1 Replies View Related

Error In Install Chkrootkit-0.48

May 29, 2008

I have following error when try to install chkrootkit-0.48 on server:

[root@m5088 chkrootkit-0.48]# make sense
gcc -DHAVE_LASTLOG_H -o chklastlog chklastlog.c
make: gcc: Command not found
make: *** [chklastlog] Error 127

How can resolve this issue?

View 4 Replies View Related

Chkrootkit :: Not Promisc And No PF_PACKET Sockets

May 27, 2007

Checking `sniffer'... eth0: not promisc and no PF_PACKET sockets

eth1: not promisc and no PF_PACKET sockets
eth1:1: not promisc and no PF_PACKET sockets
eth1:2: not promisc and no PF_PACKET sockets
eth1:3: not promisc and no PF_PACKET sockets
eth1:4: not promisc and no PF_PACKET sockets

Anything I should be worried about?

View 2 Replies View Related

Windows Equivalent Of Chkrootkit, Rkhunter

Oct 29, 2009

i use those 2 programs for scanning for rootkit programs.

are there any free programs for windows?

View 3 Replies View Related

Using Find Command With Regex To Find All Number-only Filenames

Oct 15, 2007

how can i do a search for all files (probs using regex) of files consisting purely of numbers?

for e.g. find:

53243.php
24353.php
24098.php

(always have 5 numbers).

seems one of my accounts has had some script run which generated a bunch of these in various subfolders, and the php file basically does a callback to www3.rssnews.ws and www3.xmldata.info, which seem to be some sort of spyware servers.

View 10 Replies View Related

Shell

Sep 30, 2007

my server in under attack of shell

how can i find shell code in my server? (c99 ...)

is any anti virus or open source tools to find it

how can i disable shell function?

View 4 Replies View Related

Shell Allow.

May 10, 2007

I have spare dedicated machine.

I want to allow user to run few processes on machine (debian etch).

I configurated limits at /etc/security/limits.conf for group "shell".

When I attached user to group shell, limits work well, but he still can look
everywhere on system. (he can do cat /home/somefile.txt, even owned by root).

Is there any method, software to limit user to acces only their home directories?

View 2 Replies View Related

Shell And Php Security

Jun 7, 2009

For security reason I have these php functiosn disabled:

show_source, system, shell_exec, exec, popen, proc_open, procopen, passthru

Can anyone please tell me whether if it will prevent shell scripts from working?

They can still upload the shells but cant read/write/execute commands in 777 directories?

View 6 Replies View Related

SSH/Shell Not Connecting

Apr 16, 2005

I'm having a problem connecting to SSH/Shell on my server. I get the Login Prompt, but when i enter the User/Pass i just get "SSH-2.0-OpenSSH_3.6.1p2", everything under that is blank.

I've restarted the SSH Server and made sure the account i was using was set to use Normal Shell (not jailed). What could be the problem?

View 3 Replies View Related

Chmod Using Shell

Oct 8, 2006

I was wondering if it were possible to chmod a directory that is set to a low number to 777 using a shell or command and if so can anyone point me in the right direction as to how to go about doing so ??? I am trying to learn a little and i pefer using my browser to edit files rather then a ftp client.

View 9 Replies View Related

Pennsylvania VPS Or Shell

Jun 9, 2007

I was just wondering if anyone is aware of Linux VPS or shell account providers with servers that are physically located in Pennsylvania. The only two I've come across so far are Nocster and VPS Village.

View 2 Replies View Related

What's Shell Access?

Oct 8, 2009

I keep seeing web hosts where it says that there is/isn't shell access, etc. What's shell access and what do you do with it in/with a web host?

View 14 Replies View Related

Shell DNS Toolkit?

May 27, 2008

Is there a such thing? I use shell mainly for whois info, tracing, telnet for email issues, etc etc. Is there a 'toolkit' for such things?

View 6 Replies View Related

How Do You Use Shell Access?

Nov 6, 2005

I have a script that needs to be run from shell access, but I've never done this before. How do you access a script through shell? Is there software I need to download? Not even sure where to begin.

View 5 Replies View Related

C99 Shell On My Server

Dec 16, 2007

One of our customers uploaded C99Shell script on my server, and he can access to another accounts,
I upgraded php to 5 but he can access with this script to another accounts yet, what should I do to disable this script or other one?

View 14 Replies View Related

How To Program In Shell ?

Oct 11, 2006

I'm trying to program a very simple shell script that does 2-3 things.

1) checks for the number of a script running say, "ps aux | grep php | wc -l" returns that number.

2) deletes temp files folders "cd /to/that/directory/; rm -fr *&" every 90 seconds IF that number in check #1 is below say 50....

and then have this shell script launched in shell every so often, not sure on the frequency but first is how to program in shell is a TIME DELAY....

View 7 Replies View Related

DNS Forwarding Using Shell

Oct 29, 2006

We have customer who has account on our *nix box server and who wanna move to our h-sphere reseller platform because now he want to use asp and mssql.

If it`s .com domain, for example, I would be able to easy change NS1 and NS2, but since this is ccTLD (and we will wait 10-15 days) I need quick solution for DNS forwarding.

ns1.oldnameserver -> ns1.newnamerserver
ns2.oldnamesrever -> ns2.newnamerserver

se when I run ping for example, I have to have reply from new server.

I have shell access but I don`t know how to modify zone or named, since obviously I can not do this using whm.

View 3 Replies View Related

SSH/Shell Access :: How To Use It?

Jun 11, 2008

I have never used SSH/Shell Access, but think I may want to. Can someone explain what it is, and maybe explain how to use it? My web hosting provider provides SSH, but I have no clue what to do.

View 10 Replies View Related

How To A Shell With A Restriction As Not Run Gcc

Dec 17, 2008

how to a shell with a restriction as not run gcc, screen, limit process to use or not use, run programs like bg process etc etc.

View 1 Replies View Related

Shell Access

Aug 1, 2008

I've enabled ssh one of my account in WHM, so I went to cpanel of this account and tried the SSH/Shell Access, but what I got is:

For security reasons, shell access is not enabled by default. In order to activate shell access on your account, you will need to fax or mail a copy of your driver's license, passport or other photo id to customer service.

is this something about SSH Key? do I have to generate a key so I can use the SSH/Shell Access?

View 8 Replies View Related

Jailed Shell On A VPS

Apr 2, 2007

On a VPS I am using, I was astonished to see that when I login through SSH to a WHM account, I can go right up to the VPS system directories, do an ls, read the files etc. the user is able to get into the all the VPS directories, except root.

It's fine in FTP. Although I can see the link to the directory above home, clicking on it does not take the user to those directories.

When I ask my service provider, they say, "Yes, this is normal behavior. The users will still be able to move into the other users' home directories but they will not be able to write to the files or open them".

It seems to me this isn't a good situation. How can I prevent shell users from going beyond their home directories? Is implementing a jailed shell a good option? Can I use this feature that is readily available in WHM?

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved