By the way, all the other findings are normal for Macs with default settings.
You really have to view the log to see what the actual findings are and it's
not viewable to even an admin user without changing permissions on the log file.
Sent from my iPad
> On Dec 27, 2017, at 11:35 AM, Ms. Eva <vajratara.h...@gmail.com> wrote:
>
> Hello,
>
> Could anyone help me? I'm new.. just learning ethical hacking for beginners,
> and I was afraid to download Kali and Metasploitable environment because I
> suspected I had intrusion on my system. I've taken the system in to Apple and
> consulted Apple, but they deny they see anything wrong. Yet, I see suspicious
> things. Research lead me to RK hunter with a tutorial on how to download and
> enable it and the terminal commands to use.
>
> I've now DOD-level- erased, repartitioned disks, downloaded and reinstalled
> my operating system 7 times on my Mac over the course of 3 days, but I think
> rootkit or string injection is rebuilding itself. Here are my suspicious
> results. I have summarized below the suspicious findings that appear exactly
> the same each time, regardless of how fresh the OSX High Sierra refresh: Can
> anyone Kindly tell me what they think, and how to go about cleaning this up?
>
> Evas-MacBook-Pro:rkhunter-1.4.4 evadlp$ sudo rkhunter --check
> Checking system commands...
>
> Performing 'strings' command checks
> Checking 'strings' command [ Warning ]
> Performing 'shared libraries' checks
> Checking LD_LIBRARY_PATH variable [ Skipped ]
> Performing file properties checks
> /usr/bin/fuser [ Warning ]
> /usr/bin/whatis [ Warning ]
> /usr/bin/shasum [ Warning ]
> Checking for rootkits...
> Performing check of known rootkit files and directories
> Checking for possible rootkit strings [ Warning ]
> Performing Darwin specific checks [ Skipped ]
> Checking the network...
> Performing checks on the network interfaces
> Checking for promiscuous interfaces [ Warning ]
> Checking the local host...
> Checking for system startup files [ Warning ]
> Performing system configuration file checks
> Checking if SSH root access is allowed [ Warning ]
> Checking if SSH protocol v1 is allowed [ Warning ]
> Checking for hidden files and directories [ Warning ]
> System checks summary
> =====================
>
> File properties checks...
> Files checked: 94
> Suspect files: 3
>
> Rootkit checks...
> Rootkits checked : 364
> Possible rootkits: 0
>
> Seasons greetings, many thanks,
> Eva dip
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Rkhunter-users mailing list
> Rkhunter-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/rkhunter-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
