Hi, All,
To enforce security on my server (Solaris10 sparc), I installed and ran your
rkhunter. Actually it detected Solaris rootkit "NSDAP"
Warning: SunOS / NSDAP Rootkit [ Warning ]
File '/usr/bin/mc68000' found
File '/usr/bin/mc68010' found
File '/usr/bin/mc68020' found
File '/usr/bin/m68k' found
File '/usr/bin/sun2' found
File '/usr/bin/mc68030' found
File '/usr/bin/mc68040' found
File '/usr/bin/sun3' found
File '/usr/bin/sun3x' found
File '/usr/bin/u370' found
I checked the same directory on another Solaris10 server and there are the same
files on that. I tried to find out what these are doing. but I could not find
any clues.
Is this bundled with Solaris 10 OS originally ?
Does Sun Microsystems create those files for any reason ?
Please let me know if I can ignore or not.
If those are malicious, how should I protect ? (Initialize disk and re-install
?)
Best regards
Shunta Takino
------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
