Results 1 to 3 of 3
Thread: WHM trojan scan?? Accurate?
-
04-18-2004, 09:54 AM #1Junior Guru Wannabe
- Join Date
- Mar 2004
- Posts
- 78
WHM trojan scan?? Accurate?
/dev/stderr
Scanning for Trojan Horses.....
Possible Trojan - /usr/bin/podchecker
Possible Trojan - /usr/bin/pstruct
Possible Trojan - /usr/bin/splain
Possible Trojan - /usr/bin/xsubpp
Possible Trojan - /usr/bin/pear
5 POSSIBLE Trojans Detected
Thanks a million.
-
04-18-2004, 11:49 AM #2Keep rockin' in the free world
- Join Date
- May 2002
- Location
- Kingston, Ontario
- Posts
- 1,588
Install and run Chkrootkit, don't rely on the WHM scanner very much.
-
04-18-2004, 11:53 AM #3Junior Guru Wannabe
- Join Date
- Mar 2004
- Posts
- 78
Yep, pretty much my chkrootkit says not infected.
These got me bit confused though:
Searching for RK17 files and dirs... ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
nothing foundSearching for suspicious files and dirs, it may take a while...
/usr/lib/perl5/5.8.0/i386-linux-thread-multi/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Compress/Zlib/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Archive/Tar/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Archive/Zip/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/Telnet/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/Daemon/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/SSLeay/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/AIM/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/DNS/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Term/ReadKey/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Term/ReadLine/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/MD5/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Mail/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Mail/SpamAssassin/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/IO-stringy/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/MIME-tools/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/RPC/PlServer/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/DBI/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/DBI/Shell/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/DBD/Multiplex/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/DBD/mysql/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Text/Reform/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Text/CSV_XS/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/IO/Tee/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/IO/Stty/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/IO/Tty/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/URI/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/Tagset/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/Parser/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/FillInForm/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/Clean/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/SimpleParse/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/libwww-perl/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Parse/RecDescent/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/OLE/Storage_Lite/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Image/Size/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Safe/Hole/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Tie/ShadowHash/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Tie/Watch/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Tie/IxHash/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Business/UPS/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Business/OnlinePayment/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Business/OnlinePayment/AuthorizeNet/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/SQL/Statement/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Spreadsheet/ParseExcel/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Spreadsheet/WriteExcel/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Convert/ASN1/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Convert/BER/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/perl-ldap/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/MLDBM/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/MLDBM/Sync/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Devel/Symdump/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/XML/Parser/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/XML/RegExp/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/XML/XSLT/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Persistent/Base/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Persistent/DBI/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/Blowfish/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/Blowfish_PP/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/CBC/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/DES/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/SSLeay/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/libxml-perl/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/XML-DOM/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Curses/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Data/ShowTable/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/GD/Text/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/GD/Graph/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/GD/Graph3d/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/GD/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/SOAP/Lite/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Tree/MultiNode/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Digest/SHA1/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Digest/HMAC/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Digest/MD5/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Digest/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/File/Spec/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/MIME/Base64/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Storable/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Time/HiRes/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Net/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/CGI/.packlist /usr/lib/perl5/5.8.1/i686-linux/.packlist /usr/lib/php/.registry /usr/lib/php/.lock /usr/lib/php/.filemap
/usr/lib/php/.registry
Searching for LPD Worm files and dirs... nothing found
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
......