
Security scan shows "warning"

AyazA

Guest
Hi everyone...

Yesterday I installed the watchdog on my server and scanned my server with the watchdog security scan, which shows me the word "warning" for some files. I also got an email showing me the message below:
" Please inspect this machine, because it may be infected. "

Also, the watchdog security area shows me the message below:
" Warning: Scanning completed at Sep 13, 2010 02:29 PM. Considerable existing/potential security problems were detected in the system. For details, see the log below. "

Below is my watchdog security summary with only the warnings:

[ Rootkit Hunter version 1.3.4 ]

Checking rkhunter data files...
Checking file mirrors.dat [ No update ]
Checking file programs_bad.dat [ Updated ]
Checking file backdoorports.dat [ Updated ]
Checking file suspscan.dat [ Updated ]
Checking file i18n/cn [ No update ]
Checking file i18n/de [ Updated ]
Checking file i18n/en [ No update ]
Checking file i18n/zh [ No update ]
Checking file i18n/zh.utf8 [ No update ]

[ Rootkit Hunter version 1.3.4 ]
File created: searched for 150 files, found 125

Checking system commands...

Performing 'strings' command checks
Checking 'strings' command [ OK ]

Performing file properties checks
Checking for prerequisites [ Warning ]

/usr/bin/GET [ Warning ]
/sbin/ifdown [ Warning ]
/sbin/ifup [ Warning ]




Performing additional rootkit checks
Suckit Rookit additional checks [ OK ]

Performing trojan specific checks
Checking for enabled xinetd services [ Warning ]
Checking for Apache backdoor [ Not found ]

Performing Linux specific checks
Checking loaded kernel modules [ Warning ]
Checking kernel module names [ Skipped ]

Checking for passwd file changes [ Warning ]
Checking for group file changes [ Warning ]


Performing system configuration file checks
Checking for SSH configuration file [ Found ]
Checking if SSH root access is allowed [ Warning ]
Checking if SSH protocol v1 is allowed [ Not allowed ]
Checking for running syslog daemon [ Found ]
Checking for syslog configuration file [ Found ]
Checking if syslog remote logging is allowed [ Not allowed ]

Performing filesystem checks
Checking /dev for suspicious file types [ None found ]
Checking for hidden files and directories [ Warning ]

[Press <ENTER> to continue]

Checking application versions...


Checking version of Apache [ Warning ]
Checking version of Bind DNS [ Warning ]

Checking version of ProFTPd [ Skipped ]
Checking version of OpenSSH [ Warning ]


System checks summary
=====================

File properties checks...
Required commands check failed
Files checked: 125
Suspect files: 3

Rootkit checks...
Rootkits checked : 113
Possible rootkits: 0

Applications checks...
Applications checked: 8
Suspect applications: 3

The system checks took: 6 minutes and 20 seconds

All results have been written to the logfile (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)

So what do I do now, and how can I remove the warning or infection?


Thanks
Best Regards
Admin of NSW
Ayaz Ali
http://www.newsoftworld.com
 
Did you try to read the clarifications about these warnings in /var/log/rkhunter.log?
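
To decide which log entries to read first, the scan summary can be triaged mechanically. The following is an added example, not part of the thread and not Plesk or rkhunter code: it groups the `[ Warning ]` results by section and checks them against the summary counters. It assumes the `item [ Status ]` layout shown in the post; the function names `triage` and `suspect_files` are hypothetical.

```python
import re

# Shortened excerpt of the scan output quoted in the first post.
SAMPLE = """\
Performing file properties checks
Checking for prerequisites [ Warning ]
/usr/bin/GET [ Warning ]
/sbin/ifdown [ Warning ]
/sbin/ifup [ Warning ]
Performing trojan specific checks
Checking for enabled xinetd services [ Warning ]
Checking for Apache backdoor [ Not found ]
Checking application versions...
Checking version of Apache [ Warning ]
Checking version of Bind DNS [ Warning ]
Checking version of ProFTPd [ Skipped ]
Checking version of OpenSSH [ Warning ]
Suspect files: 3
Suspect applications: 3
"""

RESULT = re.compile(r"^(?P<item>.+?)\s*\[\s*(?P<status>[^\]]+?)\s*\]$")
COUNTER = re.compile(r"^(?P<name>[A-Za-z ]+?)\s*:\s*(?P<n>\d+)$")

def triage(report):
    """Group [ Warning ] results by section and collect the summary counters."""
    warnings, counters, section = {}, {}, "(no section)"
    for raw in report.splitlines():
        line = raw.strip()
        m = RESULT.match(line)
        if m:
            if m["status"].lower() == "warning":
                warnings.setdefault(section, []).append(m["item"])
            continue
        c = COUNTER.match(line)
        if c:
            counters[c["name"]] = int(c["n"])
        elif line.startswith("Performing ") or line.endswith("..."):
            section = line.rstrip(".")  # a section header such as "Performing ... checks"
    return warnings, counters

def suspect_files(warnings):
    """Warned items that are absolute paths, i.e. the per-file property warnings."""
    return [i for items in warnings.values() for i in items if i.startswith("/")]

if __name__ == "__main__":
    w, c = triage(SAMPLE)
    for sec, items in w.items():
        print(f"{sec}: {items}")
    print("file warnings match summary:", len(suspect_files(w)) == c["Suspect files"])
```

The paths returned by `suspect_files` are the strings to search for in /var/log/rkhunter.log, where each warning is explained.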
 