%% RootCheck 0.3 %%
%% Available at: http://www.ossec.net/rootcheck %%
%% By Daniel B. Cid %%

%% Scan result info %%
Date: Mon Oct 20 09:48:29 2003
Operating system: Linux
Logged in as: root
Hostname: testsys

%% Conf files %%
Rootkits list - db/rootkits.txt - 178 entries
Files to check - db/files.txt - 6 entries
Binaries list - db/bin.txt - 54 entries
System list (bad files) - db/list.txt - 43 entries

%% Binaries check %%
Binaries clean.

%%Ports check %%
TCP check: OK
UDP check: OK
You dont have any port hidden from netstat.

%% Interfaces check %%
Checking eth0: 192.168.10.1 OK
Checking lo: 127.0.0.1 OK

%%Check password db%%
User mysql has /bin/bash shell
User gdm has /bin/bash shell

%% Check Config Files %%
Checking sudo: /etc/sudoers
Checking httpd.conf: /etc/apache/httpd.conf
Server Signature is On (should be Off).
Check http://www.ossec.net/rootcheck/info/httpd-conf.php for more info
Checking inetd.conf: /etc/inetd.conf OK
Checking sshd_config: /etc/ssh/sshd_config
Your system is allowing root login on sshd (should disable it).
You are probably using the default version of sshd_config.
Check http://www.ossec.net/rootcheck/info/sshd-conf.php for more info
Checking ssh keys: /etc/ssh/ssh_host_key OK
Checking ssh keys: /etc/ssh/ssh_host_rsa_key OK
Checking exports(NFS): /etc/exports OK

%% Check Logs: %%
Log files OK

%% Check process/ps: %%
OK

%% Check for rootkits %%
Nothing found

%%Check /dev %%
/dev is OK

%% Check all the system %%
Link files:
Linked files OK.
The following binaries were the last modified:
1 - /usr/bin/wish -> Mon Oct 20 04:22:30 2003
2 - /usr/bin/hcd -> Mon Oct 20 04:22:08 2003
3 - /usr/bin/hcopy -> Mon Oct 20 04:22:08 2003
4 - /usr/bin/hdel -> Mon Oct 20 04:22:08 2003
5 - /usr/bin/hdir -> Mon Oct 20 04:22:08 2003
The following files need check:
Everything seems OK