chkrootkit결과 해석좀 부탁드립니다.
작성자 정보
- 전양백 작성
- 작성일
컨텐츠 정보
- 2,516 조회
- 0 추천
- 목록
본문
안녕하세요.. 이곳을 자주 애용하는 리눅스 유저입니다.
얼마전에 제가 관리하는 회사 서버가 해킹을 당했습니다.
백도어를 설치하고 sshd를 계속 날리더군요..
일단 백도어는 제거하고 원상복구를 했다고 했는데
chkrootkit으로 돌리니까 아래와 같이 계속 메시지 나옵니다.
이거 해석을 부탁드릴려고요..어떤 문제인지....알수가 없네요..제실력으로...
고수님들 부탁드립니다.
/usr/lib/perl5/5.8.3/i386-linux-thread-multi/auto/MIME/Base64/.packlist /usr/lib/perl5/5.8.3/i386-linux-thread-multi/auto/File/Temp/.packlist /usr/lib/perl5/5.8.3/i386-linux-thread-multi/auto/Storable/.packlist /usr/lib/perl5/5.8.3/i386-linux-thread-multi/auto/CGI/.packlist /usr/lib/perl5/5.8.3/i386-linux-thread-multi/auto/Cwd/.packlist /usr/lib/perl5/5.8.3/i386-linux-thread-multi/auto/Text/.packlist /usr/lib/perl5/5.8.3/i386-linux-thread-multi/.packlist /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/Gaim/.packlist /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/mod_perl/.packlist /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi/auto/IO/Stringy/.packlist /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi/auto/DBI/.packlist /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi/auto/Template/.packlist /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi/auto/MIME-tools/.packlist /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi/auto/TimeDate/.packlist /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi/auto/Mail/.packlist /lib/modules/2.6.5-1.358smp/build/scripts/.pnmtologo.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.bin2c.cmd /lib/modules/2.6.5-1.358smp/build/scripts/basic/.docproc.cmd /lib/modules/2.6.5-1.358smp/build/scripts/basic/.fixdep.cmd /lib/modules/2.6.5-1.358smp/build/scripts/basic/.split-include.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.mk_elfconfig.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.modpost.cmd /lib/modules/2.6.5-1.358smp/build/scripts/kconfig/.conf.cmd /lib/modules/2.6.5-1.358smp/build/scripts/kconfig/.zconf.tab.o.cmd /lib/modules/2.6.5-1.358smp/build/scripts/kconfig/.mconf.o.cmd /lib/modules/2.6.5-1.358smp/build/scripts/kconfig/.libkconfig.so.cmd /lib/modules/2.6.5-1.358smp/build/scripts/kconfig/.conf.o.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.empty.o.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.file2alias.o.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.kallsyms.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.conmakehash.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.sumversion.o.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.elfconfig.h.cmd /lib/modules/2.6.5-1.358smp/build/scripts/.modpost.o.cmd /lib/modules/2.6.5-1.358smp/build/.config /lib/modules/2.6.5-1.358/build/scripts/.pnmtologo.cmd /lib/modules/2.6.5-1.358/build/scripts/.bin2c.cmd /lib/modules/2.6.5-1.358/build/scripts/basic/.docproc.cmd /lib/modules/2.6.5-1.358/build/scripts/basic/.fixdep.cmd /lib/modules/2.6.5-1.358/build/scripts/basic/.split-include.cmd /lib/modules/2.6.5-1.358/build/scripts/.mk_elfconfig.cmd /lib/modules/2.6.5-1.358/build/scripts/.modpost.cmd /lib/modules/2.6.5-1.358/build/scripts/kconfig/.conf.cmd /lib/modules/2.6.5-1.358/build/scripts/kconfig/.zconf.tab.o.cmd /lib/modules/2.6.5-1.358/build/scripts/kconfig/.mconf.o.cmd /lib/modules/2.6.5-1.358/build/scripts/kconfig/.libkconfig.so.cmd /lib/modules/2.6.5-1.358/build/scripts/kconfig/.conf.o.cmd /lib/modules/2.6.5-1.358/build/scripts/.empty.o.cmd /lib/modules/2.6.5-1.358/build/scripts/.file2alias.o.cmd /lib/modules/2.6.5-1.358/build/scripts/.kallsyms.cmd /lib/modules/2.6.5-1.358/build/scripts/.conmakehash.cmd /lib/modules/2.6.5-1.358/build/scripts/.sumversion.o.cmd /lib/modules/2.6.5-1.358/build/scripts/.elfconfig.h.cmd /lib/modules/2.6.5-1.358/build/scripts/.modpost.o.cmd /lib/modules/2.6.5-1.358/build/.config
The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! root 2121 tty1 /sbin/mingetty tty1
! root 2128 tty3 /sbin/mingetty tty3
! root 2134 tty4 /sbin/mingetty tty4
! root 2140 tty5 /sbin/mingetty tty5
관련자료
-
이전
-
다음
