Informações da última versão: Ubuntu Linux 20.10 - Groovy Gorilla
root@jeisonkertesz-Positivo-Mobile:/home/jeisonkertesz# rkhunter -c --rwoWarning: The command '/usr/bin/unhide.rb' has been replaced by a script: /usr/bin/unhide.rb: Ruby script, ASCII textWarning: Hidden directory found: /etc/.javaWarning: Hidden directory found: /dev/.udevWarning: Hidden file found: /dev/.blkid.tab: ASCII textWarning: Hidden file found: /dev/.blkid.tab.old: ASCII textWarning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'root@jeisonkertesz-Positivo-Mobile:/home/jeisonkertesz#
Esse arquivo "/usr/bin/unhide.rb", vc sabe de qual pacote ele veio?O resto é erro cosmético.
jeisonkertesz@jeisonkertesz-Positivo-Mobile:~$ sudo chkrootkitROOTDIR is `/'Checking `amd'... not foundChecking `basename'... not infectedChecking `biff'... not foundChecking `chfn'... not infectedChecking `chsh'... not infectedChecking `cron'... not infectedChecking `crontab'... not infectedChecking `date'... not infectedChecking `du'... not infectedChecking `dirname'... not infectedChecking `echo'... not infectedChecking `egrep'... not infectedChecking `env'... not infectedChecking `find'... not infectedChecking `fingerd'... not foundChecking `gpm'... not foundChecking `grep'... not infectedChecking `hdparm'... not infectedChecking `su'... not infectedChecking `ifconfig'... not infectedChecking `inetd'... not infectedChecking `inetdconf'... not foundChecking `identd'... not foundChecking `init'... not infectedChecking `killall'... not infectedChecking `ldsopreload'... not infectedChecking `login'... not infectedChecking `ls'... not infectedChecking `lsof'... not infectedChecking `mail'... not infectedChecking `mingetty'... not foundChecking `netstat'... not infectedChecking `named'... not foundChecking `passwd'... not infectedChecking `pidof'... not infectedChecking `pop2'... not foundChecking `pop3'... not foundChecking `ps'... not infectedChecking `pstree'... not infectedChecking `rpcinfo'... not foundChecking `rlogind'... not foundChecking `rshd'... not foundChecking `slogin'... not infectedChecking `sendmail'... not infectedChecking `sshd'... not foundChecking `syslogd'... not testedChecking `tar'... not infectedChecking `tcpd'... not infectedChecking `tcpdump'... not infectedChecking `top'... not infectedChecking `telnetd'... not foundChecking `timed'... not foundChecking `traceroute'... not foundChecking `vdir'... not infectedChecking `w'... not infectedChecking `write'... not infectedChecking `aliens'... no suspect filesSearching for sniffer's logs, it may take a while... nothing foundSearching for rootkit HiDrootkit's default files... nothing foundSearching for rootkit t0rn's default files... nothing foundSearching for t0rn's v8 defaults... nothing foundSearching for rootkit Lion's default files... nothing foundSearching for rootkit RSHA's default files... nothing foundSearching for rootkit RH-Sharpe's default files... nothing foundSearching for Ambient's rootkit (ark) default files and dirs... nothing foundSearching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found: /usr/lib/jvm/.java-1.6.0-openjdk-amd64.jinfo /usr/lib/pymodules/python2.7/.pathSearching for LPD Worm files and dirs... nothing foundSearching for Ramen Worm files and dirs... nothing foundSearching for Maniac files and dirs... nothing foundSearching for RK17 files and dirs... nothing foundSearching for Ducoci rootkit... nothing foundSearching for Adore Worm... nothing foundSearching for ShitC Worm... nothing foundSearching for Omega Worm... nothing foundSearching for Sadmind/IIS Worm... nothing foundSearching for MonKit... nothing foundSearching for Showtee... nothing foundSearching for OpticKit... nothing foundSearching for T.R.K... nothing foundSearching for Mithra... nothing foundSearching for LOC rootkit... nothing foundSearching for Romanian rootkit... nothing foundSearching for Suckit rootkit... nothing foundSearching for Volc rootkit... nothing foundSearching for Gold2 rootkit... nothing foundSearching for TC2 Worm default files and dirs... nothing foundSearching for Anonoying rootkit default files and dirs... nothing foundSearching for ZK rootkit default files and dirs... nothing foundSearching for ShKit rootkit default files and dirs... nothing foundSearching for AjaKit rootkit default files and dirs... nothing foundSearching for zaRwT rootkit default files and dirs... nothing foundSearching for Madalin rootkit default files... nothing foundSearching for Fu rootkit default files... nothing foundSearching for ESRK rootkit default files... nothing foundSearching for rootedoor... nothing foundSearching for ENYELKM rootkit default files... nothing foundSearching for common ssh-scanners default files... nothing foundSearching for suspect PHP files... nothing foundSearching for anomalies in shell history files... nothing foundChecking `asp'... not infectedChecking `bindshell'... not infectedChecking `lkm'... chkproc: nothing detectedchkdirs: nothing detectedChecking `rexedcs'... not foundChecking `sniffer'... lo: not promisc and no packet sniffer socketswlan0: PACKET SNIFFER(/sbin/wpa_supplicant[1434], /sbin/dhclient[2562])Checking `w55808'... not infectedChecking `wted'... chkwtmp: nothing deletedChecking `scalper'... not infectedChecking `slapper'... not infectedChecking `z2'... chklastlog: nothing deletedChecking `chkutmp'... chkutmp: nothing deletedChecking `OSX_RSPLUG'... not infectedjeisonkertesz@jeisonkertesz-Positivo-Mobile:~$