Hello everyone,
Following a post I read on this forum about a "Rootkit" problem, I am posting below the reports requested in that post.
For information, I installed Debian on my hp mini from the same ISO CD as for my PC (tower), then applied the updates as they came.
Sorry, I ran the commands but no longer remember what the "commands" were called.
*****************************************************************************************************************************************
#
# deb cdrom:[Debian GNU/Linux 8.5.0 _Jessie_ - Official i386 NETINST Binary-1 20160604-14:07]/ jessie main
#deb cdrom:[Debian GNU/Linux 8.5.0 _Jessie_ - Official i386 NETINST Binary-1 20160604-14:07]/ jessie main
deb http://ftp.fr.debian.org/debian/ jessie main
deb-src http://ftp.fr.debian.org/debian/ jessie main
deb http://security.debian.org/ jessie/updates main
deb-src http://security.debian.org/ jessie/updates main
# jessie-updates, previously known as 'volatile'
deb http://ftp.fr.debian.org/debian/ jessie-updates main
deb-src http://ftp.fr.debian.org/debian/ jessie-updates main
******************************************************************************************************************************************
RKHUNTER :
dom@debian:~$ su
Mot de passe :
root@debian:/home/dom# rkhunter --update
Invalid WEB_CMD configuration option: Relative pathname: "/bin/false"
root@debian:/home/dom#
[ Rootkit Hunter version 1.4.2 ]
Checking system commands...
Performing 'strings' command checks
Checking 'strings' command [ OK ]
Performing 'shared libraries' checks
Checking for preloading variables [ None found ]
Checking for preloaded libraries [ None found ]
Checking LD_LIBRARY_PATH variable [ Not found ]
Performing file properties checks
Checking for prerequisites [ Warning ]
/usr/sbin/adduser [ OK ]
/usr/sbin/chroot [ OK ]
/usr/sbin/cron [ OK ]
/usr/sbin/groupadd [ Warning ]
/usr/sbin/groupdel [ Warning ]
/usr/sbin/groupmod [ Warning ]
/usr/sbin/grpck [ Warning ]
/usr/sbin/nologin [ Warning ]
/usr/sbin/pwck [ Warning ]
/usr/sbin/rsyslogd [ OK ]
/usr/sbin/tcpd [ OK ]
/usr/sbin/useradd [ Warning ]
/usr/sbin/userdel [ Warning ]
/usr/sbin/usermod [ Warning ]
/usr/sbin/vipw [ Warning ]
/usr/bin/awk [ OK ]
/usr/bin/basename [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/cut [ OK ]
/usr/bin/diff [ OK ]
/usr/bin/dirname [ OK ]
/usr/bin/dpkg [ OK ]
/usr/bin/dpkg-query [ OK ]
/usr/bin/du [ OK ]
/usr/bin/env [ OK ]
/usr/bin/file [ OK ]
/usr/bin/find [ OK ]
/usr/bin/GET [ OK ]
/usr/bin/groups [ OK ]
/usr/bin/head [ OK ]
/usr/bin/id [ OK ]
/usr/bin/killall [ OK ]
/usr/bin/last [ OK ]
/usr/bin/lastlog [ Warning ]
/usr/bin/ldd [ Warning ]
/usr/bin/less [ OK ]
/usr/bin/locate [ OK ]
/usr/bin/logger [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/lsof [ OK ]
/usr/bin/mail [ OK ]
/usr/bin/md5sum [ OK ]
/usr/bin/mlocate [ OK ]
/usr/bin/newgrp [ Warning ]
/usr/bin/passwd [ Warning ]
/usr/bin/perl [ Warning ]
/usr/bin/pgrep [ OK ]
/usr/bin/pkill [ OK ]
/usr/bin/pstree [ OK ]
/usr/bin/rkhunter [ Warning ]
/usr/bin/runcon [ OK ]
/usr/bin/sha1sum [ OK ]
/usr/bin/sha224sum [ OK ]
/usr/bin/sha256sum [ OK ]
/usr/bin/sha384sum [ OK ]
/usr/bin/sha512sum [ OK ]
/usr/bin/size [ Warning ]
/usr/bin/sort [ OK ]
/usr/bin/ssh [ OK ]
/usr/bin/stat [ OK ]
/usr/bin/strings [ Warning ]
/usr/bin/sudo [ Warning ]
/usr/bin/tail [ OK ]
/usr/bin/telnet [ OK ]
/usr/bin/test [ OK ]
/usr/bin/top [ OK ]
/usr/bin/touch [ OK ]
/usr/bin/tr [ OK ]
/usr/bin/uniq [ OK ]
/usr/bin/users [ OK ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ OK ]
/usr/bin/wget [ Warning ]
/usr/bin/whatis [ OK ]
/usr/bin/whereis [ OK ]
/usr/bin/which [ OK ]
/usr/bin/who [ OK ]
/usr/bin/whoami [ OK ]
/usr/bin/gawk [ OK ]
/usr/bin/lwp-request [ OK ]
/usr/bin/bsd-mailx [ OK ]
/usr/bin/telnet.netkit [ OK ]
/usr/bin/w.procps [ OK ]
/sbin/depmod [ OK ]
/sbin/fsck [ OK ]
/sbin/ifconfig [ OK ]
/sbin/ifdown [ OK ]
/sbin/ifup [ OK ]
/sbin/init [ Warning ]
/sbin/insmod [ OK ]
/sbin/ip [ OK ]
/sbin/lsmod [ OK ]
/sbin/modinfo [ OK ]
/sbin/modprobe [ OK ]
/sbin/rmmod [ OK ]
/sbin/route [ OK ]
/sbin/runlevel [ Warning ]
/sbin/sulogin [ OK ]
/sbin/sysctl [ OK ]
/bin/bash [ OK ]
/bin/cat [ OK ]
/bin/chmod [ OK ]
/bin/chown [ OK ]
/bin/cp [ OK ]
/bin/date [ OK ]
/bin/df [ OK ]
/bin/dmesg [ OK ]
/bin/echo [ OK ]
/bin/egrep [ OK ]
/bin/fgrep [ OK ]
/bin/fuser [ OK ]
/bin/grep [ OK ]
/bin/ip [ OK ]
/bin/kill [ OK ]
/bin/less [ OK ]
/bin/login [ Warning ]
/bin/ls [ OK ]
/bin/lsmod [ OK ]
/bin/mktemp [ OK ]
/bin/more [ OK ]
/bin/mount [ OK ]
/bin/mv [ OK ]
/bin/netstat [ OK ]
/bin/ping [ OK ]
/bin/ps [ OK ]
/bin/pwd [ OK ]
/bin/readlink [ OK ]
/bin/sed [ OK ]
/bin/sh [ OK ]
/bin/su [ Warning ]
/bin/touch [ OK ]
/bin/uname [ OK ]
/bin/which [ OK ]
/bin/kmod [ OK ]
/bin/systemd [ Warning ]
/bin/systemctl [ Warning ]
/bin/dash [ OK ]
/lib/systemd/systemd [ Warning ]
[Press <ENTER> to continue]
Checking for rootkits...
Performing check of known rootkit files and directories
55808 Trojan - Variant A [ Not found ]
ADM Worm [ Not found ]
AjaKit Rootkit [ Not found ]
Adore Rootkit [ Not found ]
aPa Kit [ Not found ]
Apache Worm [ Not found ]
Ambient (ark) Rootkit [ Not found ]
Balaur Rootkit [ Not found ]
BeastKit Rootkit [ Not found ]
beX2 Rootkit [ Not found ]
BOBKit Rootkit [ Not found ]
cb Rootkit [ Not found ]
CiNIK Worm (Slapper.B variant) [ Not found ]
Danny-Boy's Abuse Kit [ Not found ]
Devil RootKit [ Not found ]
Dica-Kit Rootkit [ Not found ]
Dreams Rootkit [ Not found ]
Duarawkz Rootkit [ Not found ]
Enye LKM [ Not found ]
Flea Linux Rootkit [ Not found ]
Fu Rootkit [ Not found ]
Fuck`it Rootkit [ Not found ]
GasKit Rootkit [ Not found ]
Heroin LKM [ Not found ]
HjC Kit [ Not found ]
ignoKit Rootkit [ Not found ]
IntoXonia-NG Rootkit [ Not found ]
Irix Rootkit [ Not found ]
Jynx Rootkit [ Not found ]
KBeast Rootkit [ Not found ]
Kitko Rootkit [ Not found ]
Knark Rootkit [ Not found ]
ld-linuxv.so Rootkit [ Not found ]
Li0n Worm [ Not found ]
Lockit / LJK2 Rootkit [ Not found ]
Mood-NT Rootkit [ Not found ]
MRK Rootkit [ Not found ]
Ni0 Rootkit [ Not found ]
Ohhara Rootkit [ Not found ]
Optic Kit (Tux) Worm [ Not found ]
Oz Rootkit [ Not found ]
Phalanx Rootkit [ Not found ]
Phalanx2 Rootkit [ Not found ]
Phalanx2 Rootkit (extended tests) [ Not found ]
Portacelo Rootkit [ Not found ]
R3dstorm Toolkit [ Not found ]
RH-Sharpe's Rootkit [ Not found ]
RSHA's Rootkit [ Not found ]
Scalper Worm [ Not found ]
Sebek LKM [ Not found ]
Shutdown Rootkit [ Not found ]
SHV4 Rootkit [ Not found ]
SHV5 Rootkit [ Not found ]
Sin Rootkit [ Not found ]
Slapper Worm [ Not found ]
Sneakin Rootkit [ Not found ]
'Spanish' Rootkit [ Not found ]
Suckit Rootkit [ Not found ]
Superkit Rootkit [ Not found ]
TBD (Telnet BackDoor) [ Not found ]
TeLeKiT Rootkit [ Not found ]
T0rn Rootkit [ Not found ]
trNkit Rootkit [ Not found ]
Trojanit Kit [ Not found ]
Tuxtendo Rootkit [ Not found ]
URK Rootkit [ Not found ]
Vampire Rootkit [ Not found ]
VcKit Rootkit [ Not found ]
Volc Rootkit [ Not found ]
Xzibit Rootkit [ Not found ]
zaRwT.KiT Rootkit [ Not found ]
ZK Rootkit [ Not found ]
[Press <ENTER> to continue]
Performing additional rootkit checks
Suckit Rookit additional checks [ OK ]
Checking for possible rootkit files and directories [ None found ]
Checking for possible rootkit strings [ None found ]
Performing malware checks
Checking running processes for suspicious files [ None found ]
Checking for login backdoors [ None found ]
Checking for suspicious directories [ None found ]
Checking for sniffer log files [ None found ]
Suspicious Shared Memory segments [ None found ]
Performing Linux specific checks
Checking loaded kernel modules [ OK ]
Checking kernel module names [ OK ]
[Press <ENTER> to continue]
Checking the network...
Performing checks on the network ports
Checking for backdoor ports [ None found ]
Checking for hidden ports [ Skipped ]
Performing checks on the network interfaces
Checking for promiscuous interfaces [ None found ]
Checking the local host...
Performing system boot checks
Checking for local host name [ Found ]
Checking for system startup files [ Found ]
Checking system startup files for malware [ None found ]
Performing group and account checks
Checking for passwd file [ Found ]
Checking for root equivalent (UID 0) accounts [ None found ]
Checking for passwordless accounts [ None found ]
Checking for passwd file changes [ None found ]
Checking for group file changes [ None found ]
Checking root account shell history files [ OK ]
Performing system configuration file checks
Checking for an SSH configuration file [ Not found ]
Checking for a running system logging daemon [ Found ]
Checking for a system logging configuration file [ Found ]
Checking if syslog remote logging is allowed [ Not allowed ]
Performing filesystem checks
Checking /dev for suspicious file types [ Warning ]
Checking for hidden files and directories [ Warning ]
[Press <ENTER> to continue]
System checks summary
=====================
File properties checks...
Required commands check failed
Files checked: 140
Suspect files: 27
Rootkit checks...
Rootkits checked : 364
Possible rootkits: 0
Applications checks...
All checks skipped
The system checks took: 4 minutes and 2 seconds
All results have been written to the log file: /var/log/rkhunter.log
One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)
************************************************************************************************************
CHKROOTKIT :
root@debian:/home/dom#
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking `crontab'... not infected
Checking `date'... not infected
Checking `du'... not infected
Checking `dirname'... not infected
Checking `echo'... not infected
Checking `egrep'... not infected
Checking `env'... not infected
Checking `find'... not infected
Checking `fingerd'... not found
Checking `gpm'... not found
Checking `grep'... not infected
Checking `hdparm'... not found
Checking `su'... not infected
Checking `ifconfig'... not infected
Checking `inetd'... not infected
Checking `inetdconf'... not found
Checking `identd'... not found
Checking `init'... not infected
Checking `killall'... not infected
Checking `ldsopreload'... not infected
Checking `login'... not infected
Checking `ls'... not infected
Checking `lsof'... not infected
Checking `mail'... not infected
Checking `mingetty'... not found
Checking `netstat'... not infected
Checking `named'... not found
Checking `passwd'... not infected
Checking `pidof'... not infected
Checking `pop2'... not found
Checking `pop3'... not found
Checking `ps'... not infected
Checking `pstree'... not infected
Checking `rpcinfo'... not infected
Checking `rlogind'... not found
Checking `rshd'... not found
Checking `slogin'... not infected
Checking `sendmail'... not infected
Checking `sshd'... not found
Checking `syslogd'... not tested
Checking `tar'... not infected
Checking `tcpd'... not infected
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not found
Checking `timed'... not found
Checking `traceroute'... not infected
Checking `vdir'... not infected
Checking `w'... not infected
Checking `write'... not infected
Checking `aliens'... no suspect files
Searching for sniffer's logs, it may take a while... nothing found
Searching for rootkit HiDrootkit's default files... nothing found
Searching for rootkit t0rn's default files... nothing found
Searching for t0rn's v8 defaults... nothing found
Searching for rootkit Lion's default files... nothing found
Searching for rootkit RSHA's default files... nothing found
Searching for rootkit RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found:
/usr/lib/python3/dist-packages/PyQt4/uic/widget-plugins/.noinit /usr/lib/pymodules/python2.7/.path /usr/lib/debug/.build-id /usr/lib/jvm/.java-1.7.0-openjdk-i386.jinfo
/usr/lib/debug/.build-id
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
Searching for RK17 files and dirs... nothing found
Searching for Ducoci rootkit... nothing found
Searching for Adore Worm... nothing found
Searching for ShitC Worm... nothing found
Searching for Omega Worm... nothing found
Searching for Sadmind/IIS Worm... nothing found
Searching for MonKit... nothing found
Searching for Showtee... nothing found
Searching for OpticKit... nothing found
Searching for T.R.K... nothing found
Searching for Mithra... nothing found
Searching for LOC rootkit... nothing found
Searching for Romanian rootkit... nothing found
Searching for Suckit rootkit... nothing found
Searching for Volc rootkit... nothing found
Searching for Gold2 rootkit... nothing found
Searching for TC2 Worm default files and dirs... nothing found
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for Fu rootkit default files... nothing found
Searching for ESRK rootkit default files... nothing found
Searching for rootedoor... nothing found
Searching for ENYELKM rootkit default files... nothing found
Searching for common ssh-scanners default files... nothing found
Searching for Linux/Ebury - Operation Windigo ssh... nothing found
Searching for 64-bit Linux Rootkit ... nothing found
Searching for 64-bit Linux Rootkit modules... nothing found
Searching for suspect PHP files... nothing found
Searching for anomalies in shell history files... nothing found
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed
chkdirs: nothing detected
Checking `rexedcs'... not found
Checking `sniffer'... lo: not promisc and no packet sniffer sockets
wlan0: PACKET SNIFFER(/sbin/wpa_supplicant[755], /sbin/wpa_supplicant[755], /sbin/dhclient[1796])
Checking `w55808'... not infected
Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... user dom deleted or never logged from lastlog!
Checking `chkutmp'... The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! 0|253:1|254:1|255:0|256:0|257:0| 2 1|236:1|237:0|238:1|239:1|240:0|240|253:1|254:1|255:0|256:0|257:0| -stringPrefs 3:7;release|174:3;1.0|191:332; ¼½¾ǃː??։֊׃״؉؊٪۔܁܂܃܄?᜵ ???‐’․‧???????‹›⁁⁄⁒⅓⅔⅕⅖⅗⅘⅙⅚?⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹
! root 574 tty7 /usr/bin/Xorg :0 -novtswitch -background none -noreset -verbose 3 -auth /var/run/gdm3/auth-for-Debian-gdm-ZxtXLO/database -seat seat0 -nolisten tcp vt7
chkutmp: nothing deleted
Checking `OSX_RSPLUG'... not infected
root@debian:/home/dom#
********************************************************************************************
RKHUNTER -C --RWO :
root@debian:/home/dom#
Warning: The O/S name or version has changed since the last run:
Old O/S value: Debian 8.7 New value: Debian 8.9
Because of the change(s) the file properties checks may give some false-positive results.
You may need to re-run rkhunter with the '--propupd' option.
Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
is used, all the files on their system are known to be genuine, and installed from a
reliable source. The rkhunter '--check' option will compare the current file properties
against previously stored values, and report if any values differ. However, rkhunter
cannot determine what has caused the change, that is for the user to do.
Warning: The file properties have changed:
File: /usr/sbin/groupadd
Current hash: e0306faa5cfe3f3819ee651b9971b6e7f3c35636
Stored hash : 6e265bf8276be8cdcfc297f14ecfdb6b44fcc871
Current inode: 6822209 Stored inode: 6817491
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/sbin/groupdel
Current hash: bdbf5553702a9cfc6a3e7c240600169fbc0f6bc5
Stored hash : 9cd70239a975ab077b4d39764c1bfa52b7540bf8
Current inode: 6822211 Stored inode: 6817493
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/sbin/groupmod
Current hash: 98237d57972ed915e30bb427814e3c744cb5e345
Stored hash : 27c591572151adec4b2df43b215c12318e678472
Current inode: 6822213 Stored inode: 6817494
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/sbin/grpck
Current hash: 12bceb8286494b67b6cbeaf29ebdaef8cbb3e70f
Stored hash : b81b6aff685d53c751c3eea68fd677dea56707c1
Current inode: 6822215 Stored inode: 6817495
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/sbin/nologin
Current hash: 3ee97d2c0ef6b0a2d989140949fc7df15e1f6a6e
Stored hash : e6842135d3bffb4c3339ce71195f782801daccac
Current inode: 6838993 Stored inode: 6816426
Current file modification time: 1495034058 (17-mai-2017 17:14:18)
Stored file modification time : 1487923799 (24-févr.-2017 09:09:59)
Warning: The file properties have changed:
File: /usr/sbin/pwck
Current hash: d285ff27cc4a39faa7c943cce5aeb2fec194753f
Stored hash : 375a6a11b0b721a6c95fd8b141f7150c8ea5fb2f
Current inode: 6822223 Stored inode: 6817499
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/sbin/useradd
Current hash: 0e6ea5e6bf0d537747323c5c7514c7216f3b3e5d
Stored hash : ca1a4775d01bf57cd2bd33a69eb19ad05a86ace0
Current inode: 6822226 Stored inode: 6817502
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/sbin/userdel
Current hash: c236938b33a622eca1825517570c2444fb55eb58
Stored hash : b32537b61719b15f9f8365ec54bd83b2bf143040
Current inode: 6822227 Stored inode: 6817503
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/sbin/usermod
Current hash: 18c10a23dc904b6f971ddc178ba92b101e8f7baf
Stored hash : 1d892bb7b89346a2d97c873722bc012e2608fa4f
Current inode: 6822228 Stored inode: 6817504
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/sbin/vipw
Current hash: cd59eff872bf6b604740af0c491575cfa43fd442
Stored hash : 8d0575492364a2cabbf1d49117e77163a5509d33
Current inode: 6822229 Stored inode: 6817505
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/bin/lastlog
Current hash: c7db3b2fd503c8c194216672249fe26320dc7789
Stored hash : 2a7ec2e680f7e723032823a4659f781278d95723
Current inode: 6838991 Stored inode: 6816421
Current file modification time: 1495034058 (17-mai-2017 17:14:18)
Stored file modification time : 1487923799 (24-févr.-2017 09:09:59)
Warning: The file properties have changed:
File: /usr/bin/ldd
Current hash: 529820e321fc3ec1c485f0e6ef205fede9251b69
Stored hash : 7f4034c859f0adf8e51cec8f006fceb8688cc7d0
Current inode: 6816440 Stored inode: 6816901
Current size: 5396 Stored size: 5395
Current file modification time: 1497784778 (18-juin-2017 13:19:38)
Stored file modification time : 1480307465 (28-nov.-2016 05:31:05)
Warning: The file properties have changed:
File: /usr/bin/newgrp
Current hash: 23e7bbf9872e02760aafa5973255e7b864a56829
Stored hash : cf2428799a8b2b4c322eda4ce1025f065576c024
Current inode: 6838992 Stored inode: 6816423
Current file modification time: 1495034058 (17-mai-2017 17:14:18)
Stored file modification time : 1487923799 (24-févr.-2017 09:09:59)
Warning: The file properties have changed:
File: /usr/bin/passwd
Current hash: 4bb0e75c6966aab7f2df1e729220bf4d75eba2aa
Stored hash : 8465d66706c34018a56f0d9262611d25c0d77763
Current inode: 6822236 Stored inode: 6817511
Current file modification time: 1495034057 (17-mai-2017 17:14:17)
Stored file modification time : 1487923798 (24-févr.-2017 09:09:58)
Warning: The file properties have changed:
File: /usr/bin/perl
Current hash: 32e78c1b09611e1328328414b05ecb272ed2d5c5
Stored hash : f887f3c1d2722cf5d68ab36d5b77888cb6e43f11
Current inode: 6844276 Stored inode: 6821933
Current file modification time: 1500177148 (16-juil.-2017 05:52:28)
Stored file modification time : 1469390899 (24-juil.-2016 22:08:19)
Warning: The file properties have changed:
File: /usr/bin/rkhunter
Current inode: 6817865 Stored inode: 6826703
Current file modification time: 1500146488 (15-juil.-2017 21:21:28)
Stored file modification time : 1417174052 (28-nov.-2014 12:27:32)
Warning: The file properties have changed:
File: /usr/bin/size
Current hash: 0a47b055524dbd2752a54f7f86e3bb22f5228de9
Stored hash : ced230e4c833323a518bdacef301c5100d16bc40
Current inode: 6815970 Stored inode: 6843185
Current file modification time: 1484217382 (12-janv.-2017 11:36:22)
Stored file modification time : 1424851251 (25-févr.-2015 09:00:51)
Warning: The file properties have changed:
File: /usr/bin/strings
Current hash: 187aac2107ad7b6537b19cef72be41357a0c7711
Stored hash : 4bbe56bd1e01ad85dc7491d111f2e3e475b64fc3
Current inode: 6815969 Stored inode: 6843176
Current file modification time: 1484217382 (12-janv.-2017 11:36:22)
Stored file modification time : 1424851251 (25-févr.-2015 09:00:51)
Warning: The file properties have changed:
File: /usr/bin/sudo
Current hash: 03b535791bbdad76dd8045596901490159a81631
Stored hash : 35f62578382379fd2b9d087b8ab7f969642c4507
Current inode: 6829275 Stored inode: 6842471
Current size: 176400 Stored size: 180496
Current file modification time: 1496043974 (29-mai-2017 09:46:14)
Stored file modification time : 1452470798 (11-janv.-2016 01:06:38)
Warning: The file properties have changed:
File: /usr/bin/wget
Current hash: 515019bf7a38ab4520fe13dd3939e023a792652a
Stored hash : 39aff402334dba6cac8414103abba5574047498e
Current inode: 6828210 Stored inode: 6815968
Current file modification time: 1490822086 (29-mars-2017 23:14:46)
Stored file modification time : 1467995689 (08-juil.-2016 18:34:49)
Warning: The file properties have changed:
File: /sbin/init
Current hash: 2a9988c557bd427b1cd3ca7e322d9c77bf9da481
Stored hash : ae77c13fa4774e481748948ba12a277aed273f43
Current inode: 1310727 Stored inode: 1310728
Current file modification time: 1491685707 (08-avril-2017 23:08:27)
Stored file modification time : 1483760043 (07-janv.-2017 04:34:03)
Warning: The file properties have changed:
File: /sbin/runlevel
Current hash: 40f68fe0a383ab7fdc130621d553bc7a22ddda7a
Stored hash : 7778279a5707a38e4e32da7d8469950390ef2637
Current inode: 1310892 Stored inode: 1310767
Current file modification time: 1491685707 (08-avril-2017 23:08:27)
Stored file modification time : 1483760043 (07-janv.-2017 04:34:03)
Warning: The file properties have changed:
File: /bin/login
Current hash: 612f270764697bd86c4a262f0a470b017ef03bbb
Stored hash : b28717f9dc63567ce93bb4811bcfcef15a4bdfc5
Current inode: 14155822 Stored inode: 14155782
Current file modification time: 1495034058 (17-mai-2017 17:14:18)
Stored file modification time : 1487923799 (24-févr.-2017 09:09:59)
Warning: The file properties have changed:
File: /bin/su
Current hash: 407e4ca19b4233e22f8b018c34212dbe06348b04
Stored hash : 1a52b823628efcb1c5b66e1b65d1e4c4858de6a7
Current inode: 14155837 Stored inode: 14155784
Current file modification time: 1495034058 (17-mai-2017 17:14:18)
Stored file modification time : 1487923799 (24-févr.-2017 09:09:59)
Warning: The file properties have changed:
File: /bin/systemd
Current hash: 2a9988c557bd427b1cd3ca7e322d9c77bf9da481
Stored hash : ae77c13fa4774e481748948ba12a277aed273f43
Current inode: 14155939 Stored inode: 14155909
Current file modification time: 1491685706 (08-avril-2017 23:08:26)
Stored file modification time : 1483760043 (07-janv.-2017 04:34:03)
Warning: The file properties have changed:
File: /bin/systemctl
Current hash: 40f68fe0a383ab7fdc130621d553bc7a22ddda7a
Stored hash : 7778279a5707a38e4e32da7d8469950390ef2637
Current inode: 14155807 Stored inode: 14155822
Current size: 587316 Stored size: 583220
Current file modification time: 1491685715 (08-avril-2017 23:08:35)
Stored file modification time : 1483760052 (07-janv.-2017 04:34:12)
Warning: The file properties have changed:
File: /lib/systemd/systemd
Current hash: 2a9988c557bd427b1cd3ca7e322d9c77bf9da481
Stored hash : ae77c13fa4774e481748948ba12a277aed273f43
Current inode: 11273224 Stored inode: 11272327
Current size: 1316528 Stored size: 1312436
Current file modification time: 1491685713 (08-avril-2017 23:08:33)
Stored file modification time : 1483760051 (07-janv.-2017 04:34:11)
Warning: Suspicious file types found in /dev:
/dev/shm/pulse-shm-3622484203: data
/dev/shm/pulse-shm-1088097636: data
/dev/shm/pulse-shm-3232428612: data
/dev/shm/pulse-shm-1871938962: data
/dev/shm/pulse-shm-65629161: data
/dev/shm/pulse-shm-573261549: data
/dev/shm/pulse-shm-384129371: data
/dev/shm/pulse-shm-1532049219: data
Warning: Hidden directory found: /etc/.java
root@debian:/home/dom#
---------------------------------------------------------------------------------------
There you go! I reinstalled rkhunter and chkrootkit today via Synaptic before obtaining these reports.
Thank you very much for your future replies!
D777