Hi folks,

My computer shut down last night without any action from me. So I ran rkhunter... What are your results (are those false positives, as I guess)? My Mac is pretty much out-of-the-box.
What security tools do you use?

[19:06:11] System checks summary
[19:06:11] =====================
[19:06:11]
[19:06:11] File properties checks...
[19:06:11] Required commands check failed
[19:06:11] Files checked: 84
[19:06:11] Suspect files: 2
[19:06:11]
[19:06:11] Rootkit checks...
[19:06:12] Rootkits checked : 155
[19:06:12] Possible rootkits: 1
[19:06:12] Rootkit names : Dica-Kit Rootkit
[19:06:12]
[19:06:12] Applications checks...
[19:06:12] Applications checked: 6
[19:06:12] Suspect applications: 2
[19:06:12]
[19:06:12] The system checks took: 1 minute and 28 seconds
[19:06:12]
[19:06:12] Info: End date is Mon Sep 13 19:06:12 CEST 2010

$ grep -i warning /var/log/rkhunter.log
[19:04:42] Info: No mail-on-warning address configured
[19:04:47] Warning: Checking for prerequisites [ Warning ]
[19:04:47] Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
[19:04:49] /usr/bin/fuser [ Warning ]
[19:04:49] Warning: The command '/usr/bin/fuser' has been replaced by a script: /usr/bin/fuser: a /usr/bin/perl -w script text executable
[19:04:51] /usr/bin/whatis [ Warning ]
[19:04:51] Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: POSIX shell script text executable
[19:05:12] Warning: Dica-Kit Rootkit [ Warning ]
[19:05:43] Warning: Checking for possible rootkit strings [ Warning ]
[19:05:46] Checking for system startup files [ Warning ]
[19:05:46] Warning: No system startup files found.
[19:05:46] Checking for passwordless accounts [ Warning ]
[19:05:46] Warning: No shadow/password file found.
[19:05:47] Checking if SSH root access is allowed [ Warning ]
[19:05:47] Warning: The SSH configuration option 'PermitRootLogin' has not been set.
[19:05:47] Checking if syslog remote logging is allowed [ Warning ]
[19:05:47] Warning: Syslog configuration file allows remote logging: install.* @127.0.0.1:32376
[19:05:48] Checking for hidden files and directories [ Warning ]
[19:05:48] Warning: Hidden file found: /usr/share/man/man5/.rhosts.5.gz: gzip compressed data, from Unix
[19:06:11] Checking version of Bind DNS [ Warning ]
[19:06:11] Warning: Application 'named', version '9.6.0', is out of date, and possibly a security risk.
[19:06:11] Checking version of OpenSSH [ Warning ]
[19:06:11] Warning: Application 'sshd', version '5.2p1', is out of date, and possibly a security risk.

[19:05:11] Checking for Dica-Kit Rootkit...
[19:05:11] Checking for file '/lib/.sso' [ Not found ]
[19:05:11] Checking for file '/lib/.so' [ Not found ]
[19:05:11] Checking for file '/var/run/...dica/clean' [ Not found ]
[19:05:11] Checking for file '/var/run/...dica/dxr' [ Not found ]
[19:05:11] Checking for file '/var/run/...dica/read' [ Not found ]
[19:05:11] Checking for file '/var/run/...dica/write' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/lf' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/xl' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/xdr' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/psg' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/secure' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/rdx' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/va' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/cl.sh' [ Not found ]
[19:05:12] Checking for file '/var/run/...dica/last.log' [ Not found ]
[19:05:12] Checking for file '/usr/bin/.etc' [ Not found ]
[19:05:12] Checking for file '/etc/sshd_config' [ Found ]
[19:05:12] Checking for file '/etc/ssh_host_key' [ Not found ]
[19:05:12] Checking for file '/etc/ssh_random_seed' [ Not found ]
[19:05:12] Checking for directory '/var/run/...dica' [ Not found ]
[19:05:12] Checking for directory '/var/run/...dica/mh' [ Not found ]
[19:05:12] Checking for directory '/var/run/...dica/scan' [ Not found ]
[19:05:12] Warning: Dica-Kit Rootkit [ Warning ]
[19:05:12] File '/etc/sshd_config' found

cheers
Sven

_______________________________________________
MacOSX-talk mailing list
[email protected]
http://www.omnigroup.com/mailman/listinfo/macosx-talk
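
An added triage example, not part of the original post and not rkhunter's own code: it groups the per-rootkit indicator checks in a log of the format quoted above and reports, for each rootkit that raised a warning, how many indicators were actually present and which ones. The sample log is constructed from a few of the quoted lines, and the function name `triage` is an assumption of this example.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines in the format of the rkhunter log quoted above.
SAMPLE_LOG = """\
[19:05:11] Checking for Dica-Kit Rootkit...
[19:05:11]   Checking for file '/lib/.sso'                    [ Not found ]
[19:05:12]   Checking for file '/usr/bin/.etc'                [ Not found ]
[19:05:12]   Checking for file '/etc/sshd_config'             [ Found ]
[19:05:12]   Checking for directory '/var/run/...dica'        [ Not found ]
[19:05:12] Warning: Dica-Kit Rootkit                          [ Warning ]
[19:05:12]          File '/etc/sshd_config' found
"""

TS = r"\[\d\d:\d\d:\d\d\]\s+"
# A section header ends in "..." with nothing after it.
SECTION = re.compile(TS + r"Checking for (.+?)\.\.\.\s*$")
# One indicator check: a file or directory path and its result.
INDICATOR = re.compile(TS + r"Checking for (file|directory) '([^']+)'\s+\[ (Found|Not found) \]")
# The per-section verdict line.
WARNED = re.compile(TS + r"Warning: (.+?)\s+\[ Warning \]")

def triage(log_text):
    """Return {rootkit: {"checked": n, "found": [paths], "warned": bool}}."""
    report = defaultdict(lambda: {"checked": 0, "found": [], "warned": False})
    current = None
    for line in log_text.splitlines():
        if m := SECTION.match(line):
            current = m.group(1)
        elif (m := INDICATOR.match(line)) and current:
            report[current]["checked"] += 1
            if m.group(3) == "Found":
                report[current]["found"].append(m.group(2))
        elif (m := WARNED.match(line)) and m.group(1) in report:
            # Only warnings that name a section we parsed; other warnings are ignored.
            report[m.group(1)]["warned"] = True
    return dict(report)

if __name__ == "__main__":
    for name, r in triage(SAMPLE_LOG).items():
        if r["warned"]:
            print(f"{name}: {len(r['found'])}/{r['checked']} indicators present: {r['found']}")
```

A warning backed by a single indicator at a path that also exists on an unmodified system is a candidate for manual verification of that one file rather than evidence of the whole kit.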
