I get this as output from chkrootkit
Checking `rexedcs'... not found
Checking `sniffer'... eth0: not promisc and no PF_PACKET sockets
Checking `w55808'... not infected
Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... chklastlog: nothing deleted
Checking `chkutmp'... The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! root 7684 tty6 /sbin/getty 38400 tty6
chkutmp: nothing deleted
There is more to the list however everything else states that there was nothing found, this however list eth0 and I dont know what it is telling me.
Rootkit Hunter Finds this
* Allround tests
Checking hostname... Found. Hostname is mikethetv
Checking for passwordless user accounts... OK
Checking for differences in user accounts... [ NA ]
Checking for differences in user groups... Creating file It seems this is your first time.
Checking boot.local/rc.local file...
- /etc/rc.local [ Not found ]
- /etc/rc.d/rc.local [ Not found ]
- /usr/local/etc/rc.local [ Not found ]
- /usr/local/etc/rc.d/rc.local [ Not found ]
- /etc/conf.d/local.start [ Not found ]
- /etc/init.d/boot.local [ Not found ]
Checking rc.d files... [ Not found ]
Checking history files
Bourne Shell [ Not Found ]
* Filesystem checks
Checking /dev for suspicious files... [ OK ]
Scanning for hidden files... [ Warning! ]
Please inspect: /dev/.static (directory) /dev/.udevdb (directory)
I noticed that it created a user file... do you think this will interfere with ISPconfig?
Any ideas or does everything look ok?