免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
论坛 备份版区 攻防交流区 麻烦帮我这个新手看看标记chkrootkit日志,是不是被入侵 ...
最近访问板块 发新帖
查看: 3147 | 回复: 0
打印 上一主题 下一主题

麻烦帮我这个新手看看标记chkrootkit日志,是不是被入侵了? [复制链接]

very263

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2009-06-11 09:09 |只看该作者 |倒序浏览
日记如下,最近已经发现扫描两次了,每次都是晚上4点多开始,麻烦哪位高手给我看看,因为对于我这些新手,我感觉是被攻击了,但是却不知道怎么对付,看日记也是懵喳喳的。\r\n
Jun 11 04:02:22 Aoseek chkrootkit: ROOTDIR is `/\'\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `amd\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `basename\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `biff\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `chfn\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `chsh\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `cron\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `crontab\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `date\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `du\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `dirname\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `echo\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `egrep\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `env\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `find\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `fingerd\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `gpm\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `grep\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `hdparm\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `su\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `ifconfig\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `inetd\'... not tested\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `inetdconf\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `identd\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `init\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `killall\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `ldsopreload\'... can\'t exec ./strings-static, not tested\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `login\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `ls\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `lsof\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `mail\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `mingetty\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `netstat\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `named\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `passwd\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `pidof\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `pop2\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `pop3\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `ps\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `pstree\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `rpcinfo\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `rlogind\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `rshd\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `slogin\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `sendmail\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `sshd\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `syslogd\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `tar\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `tcpd\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `tcpdump\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `top\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `telnetd\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `timed\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `traceroute\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `vdir\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `w\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `write\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `aliens\'... no suspect files\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for sniffer\'s logs, it may take a while... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for HiDrootkit\'s default dir... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for t0rn\'s default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for t0rn\'s v8 defaults... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Lion Worm default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for RSHA\'s default files and dir... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for RH-Sharpe\'s default files... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Ambient\'s rootkit (ark) default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for suspicious files and dirs, it may take a while... \r\nJun 11 04:02:22 Aoseek chkrootkit: /usr/lib/gtk-2.0/immodules/.relocation-tag /usr/lib/perl5/5.8.8/i386-linux-thread-multi/.packlist /lib/.libcrypto.so.0.9.8e.hmac /lib/.libcrypto.so.6.hmac\r\nJun 11 04:02:22 Aoseek chkrootkit: \r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for LPD Worm files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Ramen Worm files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Maniac files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for RK17 files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Ducoci rootkit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Adore Worm... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for ShitC Worm... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Omega Worm... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Sadmind/IIS Worm... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for MonKit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Showtee... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for OpticKit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for T.R.K... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Mithra... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for LOC rootkit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Romanian rootkit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for HKRK rootkit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Suckit rootkit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Volc rootkit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Gold2 rootkit... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for TC2 Worm default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Anonoying rootkit default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for ZK rootkit default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for ShKit rootkit default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for AjaKit rootkit default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for zaRwT rootkit default files and dirs... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Madalin rootkit default files... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for Fu rootkit default files... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for ESRK rootkit default files... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for rootedoor... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for ENYELKM rootkit default files... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for common ssh-scanners default files... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for suspect PHP files... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Searching for anomalies in shell history files... nothing found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `asp\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `bindshell\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `lkm\'... not tested: can\'t exec \r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `rexedcs\'... not found\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `sniffer\'... not tested: can\'t exec ./ifpromisc\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `w55808\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `wted\'... not tested: can\'t exec ./chkwtmp\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `scalper\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `slapper\'... not infected\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `z2\'... not tested: can\'t exec ./chklastlog\r\nJun 11 04:02:22 Aoseek chkrootkit: Checking `chkutmp\'... not tested: can\'t exec ./chkutmp
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP