서버보안관리실무 책을 보다가 질문입니다.
작성자 정보
- 박경덕 작성
- 작성일
컨텐츠 정보
- 3,242 조회
- 0 추천
- 목록
본문
안녕하세요~
항상 많은 도움에 감사드립니다.
홍선생님 서적으로 테스트중에 궁금한것이 있습니다.
Rootkit Hunter 버전별로 실행결과값이 아래와 같이 다른게 나옵니다.
1.2.7은 system tools이 skipped이 되면, 1.2.9는 다른결과 나옵니다.
설치된 리눅스 Linux 2.6.9-42.0.10 입니다
(테스트1)
-------------------------------------------------------------------------
Rootkit Hunter 1.2.7 is running
-------------------------------------------------------------------------
Determining OS... Unknown
Warning: This operating system is not fully supported!
Warning: Cannot find md5_not_known
All MD5 checks will be skipped!
Checking binaries
* Selftests
Strings (command) [ OK ]
* System tools
Skipped!
Check rootkits
* Default files and directories
Rootkit '55808 Trojan - Variant A'... [ OK ]
ADM Worm... [ OK ]
Rootkit 'AjaKit'... [ OK ]
Rootkit 'aPa Kit'... [ OK ]
Rootkit 'Apache Worm'... [ OK ]
(테스트2)
-------------------------------------------------------------------------
Rootkit Hunter 1.2.9 is running
-------------------------------------------------------------------------
Determining OS... Ready
Checking binaries
* Selftests
Strings (command) [ OK ]
* System tools
Info: prelinked files found
Performing 'known good' check...
/bin/cat [ OK ]
/bin/chmod [ OK ]
/bin/chown [ OK ]
/bin/date [ OK ]
/bin/dmesg [ OK ]
/bin/env [ OK ]
/bin/grep [ OK ]
/bin/kill [ BAD ]
/bin/login [ OK ]
/bin/ls [ OK ]
/bin/more [ OK ]
/bin/mount [ OK ]
/bin/netstat [ OK ]
/bin/ps [ OK ]
/bin/su [ OK ]
/sbin/chkconfig [ OK ]
/sbin/depmod [ OK ]
/sbin/ifconfig [ OK ]
/usr/sbin/prelink: /sbin/init: at least one of file's dependencies has changed since prelinking
/sbin/init [ BAD ]
/sbin/insmod [ OK ]
/sbin/ip [ OK ]
/sbin/lsmod [ OK ]
/sbin/modinfo [ OK ]
/sbin/modprobe [ OK ]
/sbin/rmmod [ OK ]
/sbin/runlevel [ OK ]
/sbin/sulogin [ OK ]
/sbin/sysctl [ OK ]
/sbin/syslogd [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/du [ OK ]
/usr/bin/file [ OK ]
/usr/bin/find [ OK ]
/usr/bin/head [ OK ]
/usr/bin/killall [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/md5sum [ OK ]
/usr/sbin/prelink: /usr/bin/passwd: at least one of file's dependencies has changed since prelinking
/usr/bin/passwd [ BAD ]
/usr/bin/pstree [ OK ]
/usr/bin/sha1sum [ OK ]
/usr/bin/slocate [ OK ]
/usr/bin/stat [ OK ]
/usr/bin/strings [ OK ]
/usr/bin/top [ OK ]
/usr/bin/users [ OK ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ OK ]
/usr/bin/wget [ OK ]
/usr/bin/whereis [ OK ]
/usr/bin/who [ OK ]
/usr/bin/whoami [ OK ]
/usr/sbin/xinetd [ OK ]
즐거운 하루 보내시고..수고하세요~
관련자료
-
이전
-
다음
