1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Centos Vps Security

Discussion in 'Security' started by costa1988sv, Feb 23, 2013.

  1. #1
    Someone is modifying files and mysql database on vps, the first time it modified files and stopped, after from mysql, and now again files, i changed the password, an switched to kloxo-mr, but and not fixed, he can don from my php script that?

    [ Rootkit Hunter version 1.4.0 ]

    [1;33mChecking rkhunter version... [0;39m
    This version : 1.4.0
    Latest version: 1.4.0
    [ Rootkit Hunter version 1.4.0 ]

    [1;33mChecking rkhunter data files... [0;39m
    Checking file mirrors.dat [34C[ [1;32mNo update [0;39m ]
    Checking file programs_bad.dat [29C[ [1;32mNo update [0;39m ]
    Checking file backdoorports.dat [28C[ [1;32mNo update [0;39m ]
    Checking file suspscan.dat [33C[ [1;32mNo update [0;39m ]
    Checking file i18n/cn [38C[ [1;32mNo update [0;39m ]
    Checking file i18n/de [38C[ [1;32mNo update [0;39m ]
    Checking file i18n/en [38C[ [1;32mNo update [0;39m ]
    Checking file i18n/zh [38C[ [1;32mNo update [0;39m ]
    Checking file i18n/zh.utf8 [33C[ [1;32mNo update [0;39m ]
    Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
    Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable
    Warning: The command '/usr/bin/GET' has been replaced by a script: /usr/bin/GET: perl script text executable
    Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: Bourne shell script text executable
    Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne shell script text executable
    Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: Bourne shell script text executable
    Warning: The file properties have changed:
    File: /etc/rkhunter.conf
    Current hash: 5a5dfd36c0278364949bdbd851ea9f4e086ac3bf
    Stored hash : abd46c79e524e6f0e3b58756b3332761019edf80
    Current size: 37361 Stored size: 37357
    Current file modification time: 1361644930 (23-Feb-2013 21:42:10)
    Stored file modification time : 1360752129 (13-Feb-2013 13:42:09)
    Warning: Found enabled xinetd service: /etc/xinetd.d/pureftp
    Warning: Found enabled xinetd service: /etc/xinetd.d/smtp_lxa
    Warning: No output found from the lsmod command or the /proc/modules file:
    /proc/modules output:
    lsmod output:
    Warning: The kernel modules directory '/lib/modules' is missing or empty.
    Warning: The SSH and rkhunter configuration options should be the same:
    SSH configuration option 'PermitRootLogin': yes
    Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no
    Warning: Suspicious file types found in /dev:
    /dev/.udev/uevent_seqnum: ASCII text
    Warning: Hidden directory found: '/dev/.udev'
    Warning: Hidden file found: /usr/share/man/man1/..1.gz: gzip compressed data, from Unix, max compression
    Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
    Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
    Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
    Warning: Application 'openssl', version '0.9.8e', is out of date, and possibly a security risk.
    Warning: Application 'sshd', version '4.3p2', is out of date, and possibly a security risk.
    SEMrush
     
    costa1988sv, Feb 23, 2013 IP
    SEMrush