Retourner aux forums || Retourner au forum Linux.mandriva
Linux.mandriva : Sécurité et intrusion sur ma mandrake autopsie du crime
Posté par Samaty Tramo (page perso, ) le 14 janvier 2005J'ai entendu une chanson (je sais il y en a qui entende des voix et cela les conduit au bûcher) qui était sur mon bureau de travail.
Ce qui m'a surpris c'est que j'étais tranquillement dans mon lit et je ne touchais pas mon ordinateur.
J'ai tout de suite pensé à une blague de mon frère et j'ai fait un "who".
Et j'étais tout seul.
Donc à priori, si je me suis fait "rootquité" la commande who doit être changé.
Donc (je commence dans la sécurité et je ne suis pas encore un pro) je fais un "ldd /usr/bin/who"
qui me donne cela
linux-gate.so.1 => (0xffffe000)
libc.so.6 => /lib/tls/libc.so.6 (0x40030000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
ici rien d'anormale.
Puis je fais un
"cd ~ludovic"
"lstrace -S -f -s 100 -o test /usr/bin/who"
qui me donne ce qui suit en bas.
Je sais qu'un tel test sur un système compromis est peut etre inutile mais ce qui me choc c'est de voir des appels à des librairies dans un dossier de l'un de mes comptes utilisateurs :
/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/mmx/libc.so.6
Noté que le répertoire /home/ludovic/GNUstep/ n'existe pas et j'ai pu le créer puis l'effacer.
J'ai installé dernièrement Snort et Acid comme interface mais là si Snort marche Acid n'est pas encore opérationnelle (je dois configuré snort pour qu'il utilise une base de donné MYQSL); Par contres j'ai des logs de snort.
Si vous voyez quelque chose d'anormale dans mes logs.
Si vous y connaissez un peu en sécurité.
Pourtant je maintiens bien mon système urmpi chaque semaine sur ma mandrake.
Une malchance sans doute, je ne suis même pas sur de mettre fait "rootquité".
On conclue à une intrusion ?
31867 SYS_uname(0xbfffed24) = 0
31867 SYS_brk(NULL) = 0x804e000
31867 SYS_mmap(0xbfffea78, 1600, 0x400146bc, 0x40014b58, 4096) = 0x40015000
31867 SYS_open("/etc/ld.so.preload", 0, 037777777777) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/mmx/libc.so.6", 0, 00) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/gnu-gnu-gnu/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/tls/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/tls/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/tls/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/tls/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/tls/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/tls/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/tls/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/tls/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/home/ludovic/GNUstep/Libraries/ix86/linux-gnu/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/gnu-gnu-gnu/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/tls/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/tls/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/tls/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/tls/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/tls/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/tls/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/tls/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/tls/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Local/Libraries/ix86/linux-gnu/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/gnu-gnu-gnu/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/tls/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/tls/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/tls/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/tls/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/tls/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/tls/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/tls/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/tls/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/Network/Libraries/ix86/linux-gnu/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/tls/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/gnu-gnu-gnu/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = 0
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/tls/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/tls/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/tls/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/tls/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/tls/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/tls/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/tls/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/tls/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/i686/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/i686/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/i686/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/i686/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/sse/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/sse/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/mmx/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = -2
31867 SYS_open("/usr/GNUstep/System/Libraries/ix86/linux-gnu/libc.so.6", 0, 010000171516) = -2
31867 SYS_stat64(0xbfffe590, 0xbfffe610, 0x400146bc, 0x4001482c, 2) = 0
31867 SYS_open("/etc/ld.so.cache", 0, 037777777777) = 3
31867 SYS_fstat64(3, 0xbfffe5b8, 0x400146bc, 0x4001482c, 2) = 0
31867 SYS_mmap(0xbfffe598, 0xbfffe5b8, 0x400146bc, 3, 0x400147b0) = 0x40016000
31867 SYS_close(3) = 0
31867 SYS_open("/lib/tls/libc.so.6", 0, 00) = 3
31867 SYS_read(3, "\177ELF\001\001\001", 512) = 512
31867 SYS_fstat64(3, 0xbfffe608, 0x400146bc, 0x4001482c, 0) = 0
31867 SYS_mmap(0xbfffe494, 5, 0x400146bc, 0xbfffe4b0, 0xbfffe4e0) = 0x40030000
31867 SYS_mmap(0xbfffe494, 0x00119000, 0x400146bc, 0xbfffe4c8, 0x40030000) = 0x40149000
31867 SYS_mmap(0xbfffe494, 8108, 0x400146bc, 0xbfffe4c8, 0x4014d000) = 0x4014d000
31867 SYS_close(3) = 0
31867 SYS_mmap(0xbfffea9c, 1232, 0x400146bc, 0x40015fe0, 4096) = 0x4014f000
31867 SYS_set_thread_area(0xbfffec30, 81, -7168, 0x400146bc, 0x4014f080) = 0
31867 SYS_munmap(0x40016000, 105041) = 0
31867 SYS_open("/usr/share/locale/locale-archive", 32768, 00) = -2
31867 SYS_brk(NULL) = 0x804e000
31867 SYS_brk(0x806f000) = 0x806f000
31867 SYS_open("/usr/share/locale/locale.alias", 0, 0666) = 3
31867 SYS_fstat64(3, 0xbfffe988, 0x4014c218, 0x0804e008, 8192) = 0
31867 SYS_mmap2(0, 4096, 3, 34, -1) = 0x40016000
31867 SYS_read(3, "# Locale name alias data base.\n# Copyright (C) 1996-2001,2003 Free Software Foundation, Inc.\n#\n# Thi"..., 4096) = 2586
31867 SYS_read(3, "", 4096) = 0
31867 SYS_close(3) = 0
31867 SYS_munmap(0x40016000, 4096) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_IDENTIFICATION", 0, 01001160060) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 352, 1, 2, 3) = 0x40016000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_MEASUREMENT", 0, 01001166230) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 29, 1, 2, 3) = 0x40017000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_TELEPHONE", 0, 01001166560) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 62, 1, 2, 3) = 0x40018000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_ADDRESS", 0, 01001167140) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 133, 1, 2, 3) = 0x40019000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_NAME", 0, 01001167560) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 68, 1, 2, 3) = 0x4001a000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_PAPER", 0, 01001170150) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 40, 1, 2, 3) = 0x4001b000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_MESSAGES", 0, 01001170520) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_MESSAGES/SYS_LC_MESSAGES", 0, 014) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffec50) = 0
31867 SYS_mmap2(0, 60, 1, 2, 3) = 0x4001c000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_MONETARY", 0, 01001171100) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 292, 1, 2, 3) = 0x4001d000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_COLLATE", 0, 01001171720) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 22592, 1, 2, 3) = 0x4001e000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_TIME", 0, 01001172370) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 2353, 1, 2, 3) = 0x40024000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_NUMERIC", 0, 01001173620) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 60, 1, 2, 3) = 0x40025000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/share/locale/fr_FR/LC_CTYPE", 0, 01001174200) = 3
31867 SYS_fstat64(3, 0xbfffecb4, 0x4014c218, 3, 0xbfffecb4) = 0
31867 SYS_mmap2(0, 207972, 1, 2, 3) = 0x40150000
31867 SYS_close(3) = 0
31867 SYS_access(0x401405af, 0, 0x4014c218, 0x401405af, 0x401405a1) = -2
31867 SYS_open("/var/run/utmp", 2, 010000124704) = 3
31867 SYS_fcntl64(3, 1, 0, 0, 0x4014c218) = 0
31867 SYS_fcntl64(3, 2, 1, 0, 0x4014c218) = 0
31867 SYS__llseek(3, 0, 0, 0xbfffedd4, 0) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x401511e0, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\b", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\002", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\001", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\b", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\007", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\006", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\006", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\006", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\006", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\006", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\007", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\007", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\007", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\007", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "\b", 384) = 384
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 384) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_alarm(0, 0x0804fad8, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_rt_sigaction(14, 0xbfffec18, 0xbfffeb88, 8, 0x4014c218) = 0
31867 SYS_alarm(1, 0x4014c218, 0x4014c218, 0xbfffedf0, 0xbfffedf0) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_read(3, "", 384) = 0
31867 SYS_fcntl64(3, 7, 0xbfffedf0, 0xbfffedf0, 0x4014c218) = 0
31867 SYS_alarm(0, 7, 0x4014c218, 0xbfffedf0, 0) = 1
31867 SYS_rt_sigaction(14, 0xbfffec18, 0, 8, 0x4014c218) = 0
31867 SYS_close(3) = 0
31867 SYS_stat64(0xbfffed90, 0xbfffede0, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_time(0x0804d950, 0xbfffede0, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0x41e70f8c
31867 SYS_open("/usr/share/locale/fr_FR/LC_MESSAGES/coreutils.mo", 0, 05) = -2
31867 SYS_open("/usr/share/locale/fr/LC_MESSAGES/coreutils.mo", 0, 05) = 3
31867 SYS_fstat64(3, 0xbfffea38, 0x4014c218, 0, 0xbfffea38) = 0
31867 SYS_mmap2(0, 257074, 1, 2, 3) = 0x40183000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/lib/gconv/gconv-modules.cache", 0, 00) = 3
31867 SYS_fstat64(3, 0xbfffe70c, 0x4014c218, 3, -1) = 0
31867 SYS_close(3) = 0
31867 SYS_open("/usr/lib/gconv/gconv-modules", 0, 0666) = 3
31867 SYS_fstat64(3, 0xbfffe600, 0x4014c218, 0x08051410, 8192) = 0
31867 SYS_mmap2(0, 4096, 3, 34, -1) = 0x401c2000
31867 SYS_read(3, "# GNU libc iconv configuration.\n# Copyright (C) 1997-2003, 2004 Free Software Foundation, Inc.\n# Thi"..., 4096) = 4096
31867 SYS_read(3, "lias\tJS//\t\t\tJUS_I.B1.002//\nalias\tYU//\t\t\tJUS_I.B1.002//\nalias\tCSISO141JUSIB1002//\tJUS_I.B1.002//\nmodu"..., 4096) = 4096
31867 SYS_read(3, "ule\tINTERNAL\t\tISO-8859-3//\t\tISO8859-3\t1\n\n#\tfrom\t\t\tto\t\t\tmodule\t\tcost\nalias\tISO-IR-110//\t\tISO-8859-4//"..., 4096) = 4096
31867 SYS_read(3, "lias\tISO-IR-199//\t\tISO-8859-14//\nalias\tLATIN8//\t\tISO-8859-14//\nalias\tL8//\t\t\tISO-8859-14//\nalias\tISO_"..., 4096) = 4096
31867 SYS_read(3, "\t\tto\t\t\tmodule\t\tcost\nalias\tCSEBCDICES//\t\tEBCDIC-ES//\nalias\tEBCDICES//\t\tEBCDIC-ES//\nmodule\tEBCDIC-ES//"..., 4096) = 4096
31867 SYS_read(3, "ule\t\tcost\nalias\tCP284//\t\t\tIBM284//\nalias\tEBCDIC-CP-ES//\t\tIBM284//\nalias\tCSIBM284//\t\tIBM284//\nalias\tO"..., 4096) = 4096
31867 SYS_read(3, "lias\tCP864//\t\t\tIBM864//\nalias\t864//\t\t\tIBM864//\nalias\tCSIBM864//\t\tIBM864//\nalias\tOSF10020360//\t\tIBM86"..., 4096) = 4096
31867 SYS_read(3, "module\tIBM937//\t\tINTERNAL\t\tIBM937\t\t1\nmodule\tINTERNAL\t\tIBM937//\t\tIBM937\t\t1\n\n#\tfrom\t\t\tto\t\t\tmodule\t\tcos"..., 4096) = 4096
31867 SYS_read(3, "\tEUC-JP//\nalias\tUJIS//\t\t\tEUC-JP//\nmodule\tEUC-JP//\t\tINTERNAL\t\tEUC-JP\t\t1\nmodule\tINTERNAL\t\tEUC-JP//\t\tEU"..., 4096) = 4096
31867 SYS_read(3, "module\t\tcost\nalias\tISO-IR-143//\t\tIEC_P27-1//\nalias\tCSISO143IECP271//\tIEC_P27-1//\nalias\tIEC_P271//\t\tI"..., 4096) = 4096
31867 SYS_read(3, "-BOX//\nmodule\tISO_10367-BOX//\t\tINTERNAL\t\tISO_10367-BOX\t1\nmodule\tINTERNAL\t\tISO_10367-BOX//\t\tISO_10367"..., 4096) = 4096
31867 SYS_read(3, "dule\tTCVN5712-1//\t\tINTERNAL\t\tTCVN5712-1\t1\nmodule\tINTERNAL\t\tTCVN5712-1//\t\tTCVN5712-1\t1\n\n#\tfrom\t\t\tto\t\t"..., 4096) = 1687
31867 SYS_read(3, "", 4096) = 0
31867 SYS_close(3) = 0
31867 SYS_munmap(0x401c2001, 4096) = 0
31867 SYS_open("/usr/lib/gconv/ISO8859-15.so", 0, 00) = 3
31867 SYS_read(3, "\177ELF\001\001\001", 512) = 512
31867 SYS_fstat64(3, 0xbfffd948, 0x400146bc, 0x4001482c, 0) = 0
31867 SYS_mmap(0xbfffd834, 5, 0x400146bc, 0xbfffd850, 0xbfffd880) = 0x401c2000
31867 SYS_mmap(0xbfffd834, 8192, 0x400146bc, 0xbfffd868, 0x401c2000) = 0x401c4000
31867 SYS_close(3) = 0
31867 SYS_open("/usr/lib/gconv/ISO8859-1.so", 0, 00) = 3
31867 SYS_read(3, "\177ELF\001\001\001", 512) = 512
31867 SYS_fstat64(3, 0xbfffd948, 0x400146bc, 0x4001482c, 0) = 0
31867 SYS_mmap(0xbfffd834, 5, 0x400146bc, 0xbfffd850, 0xbfffd880) = 0x401c5000
31867 SYS_mmap(0xbfffd834, 4096, 0x400146bc, 0xbfffd868, 0x401c5000) = 0x401c6000
31867 SYS_close(3) = 0
31867 SYS_brk(0x8090000) = 0x8090000
31867 SYS_open("/etc/localtime", 0, 0666) = 3
31867 SYS_fstat64(3, 0xbfffeabc, 0x4014c218, 0, 0x4013f4bb) = 0
31867 SYS_fstat64(3, 0xbfffe964, 0x4014c218, 0x080709f8, 8192) = 0
31867 SYS_mmap2(0, 4096, 3, 34, -1) = 0x401c7000
31867 SYS_read(3, "TZif", 4096) = 1082
31867 SYS_close(3) = 0
31867 SYS_munmap(0x401c7000, 4096) = 0
31867 SYS_fstat64(1, 0xbfffeacc, 0x4014c218, 0x4014a080, 8192) = 0
31867 SYS_mmap2(0, 4096, 3, 34, -1) = 0x401c7000
31867 SYS_write(1, "root tty1 Dec 23 23:37\n", 35) = 35
31867 SYS_stat64(0xbfffed90, 0xbfffede0, 0x4014c218, 0xbfffef64, 0xbfffeef0) = -2
31867 SYS_write(1, "ludovic :0 Jan 6 05:56\n", 35) = 35
31867 SYS_stat64(0xbfffed90, 0xbfffede0, 0x4014c218, 0xbfffef64, 0xbfffeef0) = 0
31867 SYS_write(1, "ludovic pts/3 Dec 23 23:39\n", 35) = 35
31867 SYS_stat64(0xbfffed90, 0xbfffede0, 0x4014c218, 0xbfffef64, 0xbfffeef0) = -2
31867 SYS_write(1, "ludovic pts/4 Dec 23 23:39\n", 35) = 35
31867 SYS_stat64(0xbfffed90, 0xbfffede0, 0x4014c218, 0xbfffef64, 0xbfffeef0) = -2
31867 SYS_write(1, "ludovic pts/5 Dec 24 17:38\n", 35) = 35
31867 SYS_munmap(0x401c7000, 4096) = 0
31867 SYS_exit_group(0 <unfinished ...>
31867 +++ exited (status 0) +++
> Lire le message (15 commentaires, moyenne: 1,8).
Pour voir si ...
des fichiers ont été modifiés, tu peux utiliser une option de la commande RPM qui vérifie que les fichiers installés n'ont pas été modifiés.
-
[^]Re: Pour voir si ...
Posté par Nicolas Bernard (page perso, ) le 14/01/2005 à 09:21. (lien). Évalué à 3.Non, dans le cas d'une intrusion il faut supposer que rpm a été modifiée. La méthode la plus fiable pour tester serait de lancer chkrootkit (http://www.chkrootkit.org/(...)) depuis un livecd pour voir si rootkit il y a...
-
[^]Re: Pour voir si ...
Posté par Matthieu MARC () le 14/01/2005 à 09:32. (lien). Évalué à 2.Ca ne peut pas faire de mal de vérifier avec rpm. Si rpm n'a pas été modifié, il trouvera la liste des fichiers modifiés. Sinon, il pourra ensuite utilise chkrootkit.
-
[^]Re: Pour voir si ...
Posté par Samaty Tramo (page perso, ) le 17/01/2005 à 10:17. (lien). Évalué à 1.Je l'essayes aussi.
Par contre j'ai essayer aussi un "rpm -Va" commande que je n'avait jamais encore fait et la lecture n'est pas facile.
Bon la je pars au travail, je mis remet ce soir.-
[^]Re: Pour voir si ...
Posté par Samaty Tramo (page perso, ) le 18/01/2005 à 09:49. (lien). Évalué à 1.Voila l'antirootkit a fonctionner, voila sa sortir.
Il faudra refaire le test depuis la mandrake move que je viens de graver pour être en environnement extérieur.
./chkrootkit
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking `date'... not infected
Checking `du'... not infected
Checking `dirname'... not infected
Checking `echo'... not infected
Checking `egrep'... not infected
Checking `env'... not infected
Checking `find'... not infected
Checking `fingerd'... not found
Checking `gpm'... not found
Checking `grep'... not infected
Checking `hdparm'... not infected
Checking `su'... not infected
Checking `ifconfig'... not infected
Checking `inetd'... not tested
Checking `inetdconf'... not found
Checking `identd'... not found
Checking `init'... not infected
Checking `killall'... not infected
Checking `ldsopreload'... not infected
Checking `login'... not infected
Checking `ls'... not infected
Checking `lsof'... not infected
Checking `mail'... not infected
Checking `mingetty'... not infected
Checking `netstat'... not infected
Checking `named'... not infected
Checking `passwd'... not infected
Checking `pidof'... not infected
Checking `pop2'... not found
Checking `pop3'... not found
Checking `ps'... not infected
Checking `pstree'... not infected
Checking `rpcinfo'... not infected
Checking `rlogind'... not infected
Checking `rshd'... not infected
Checking `slogin'... not infected
Checking `sendmail'... not infected
Checking `sshd'... not infected
Checking `syslogd'... not infected
Checking `tar'... not infected
Checking `tcpd'... not infected
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not infected
Checking `timed'... not found
Checking `traceroute'... not infected
Checking `vdir'... not infected
Checking `w'... not infected
Checking `write'... not infected
Checking `aliens'... no suspect files
Searching for sniffer's logs, it may take a while... nothing found
Searching for HiDrootkit's default dir... nothing found
Searching for t0rn's default files and dirs... nothing found
Searching for t0rn's v8 defaults... nothing found
Searching for Lion Worm default files and dirs... nothing found
Searching for RSHA's default files and dir... nothing found
Searching for RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
/usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi/auto/VRML/VRMLFunc/.packlist /usr/lib/pear/.registry /usr/lib/pear/.lock /usr/lib/pear/.filemap
/usr/lib/pear/.registry
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
Searching for RK17 files and dirs... nothing found
Searching for Ducoci rootkit... nothing found
Searching for Adore Worm... nothing found
Searching for ShitC Worm... nothing found
Searching for Omega Worm... nothing found
Searching for Sadmind/IIS Worm... nothing found
Searching for MonKit... nothing found
Searching for Showtee... nothing found
Searching for OpticKit... nothing found
Searching for T.R.K... nothing found
Searching for Mithra... nothing found
Searching for OBSD rk v1... nothing found
Searching for LOC rootkit... nothing found
Searching for Romanian rootkit... nothing found
Searching for HKRK rootkit... nothing found
Searching for Suckit rootkit... nothing found
Searching for Volc rootkit... nothing found
Searching for Gold2 rootkit... nothing found
Searching for TC2 Worm default files and dirs... nothing found
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for anomalies in shell history files... nothing found
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... You have 14 process hidden for readdir command
You have 14 process hidden for ps command
Warning: Possible LKM Trojan installed
Checking `rexedcs'... not found
Checking `sniffer'... eth1: PF_PACKET(/sbin/dhclient)
Checking `w55808'... not infected
Checking `wted'... nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... nothing deleted
Et la sortie de la commande rpm -Va
Ce qui est surprenant c'est le nombre de dépendance non satisfaite.
N ayant jamais valider un packtage sans ses dépendances.
j'imagine que le "c" signifie "change" en gros le fichier à été changer.
Par contre pour cela il va me falloir lire "man rpm"
S.5....T
....L...
.......T
.M......
manquant Simple à comprendre.
..5....T
......G.
.M....G.
.....UG.
.M...UG.
SM5....T
S.5.. . .T
Donc c'est un code SM5..UGT et chaque lettre veut dire quelquechose.
dépendances non satisfaites pour libgnucash0-devel-1.8.8-2mdk: libgnucash0 = 1.8.8-2mdk
dépendances non satisfaites pour libgdk_pixbuf2.0_0-devel-2.2.4-10.1.100mdk: libgdk_pixbuf2.0_0 = 2.2.4-10.1.100mdk
S.5....T /usr/share/fonts/ttf/latex/fonts.cache-1
dépendances non satisfaites pour libkdegames1-devel-3.2-9mdk: libkdegames1 = 1:3.2-9mdk
S.5....T /usr/share/lyx/doc/LaTeXConfig.lyx
S.5....T /usr/share/lyx/lyxrc.defaults
.......T /usr/share/lyx/packages.lst
S.5....T /usr/share/lyx/textclass.lst
.......T /usr/share/lyx/xfonts/PSres.upr
....L... /usr/share/lyx/xfonts/cmex10.pfb
....L... /usr/share/lyx/xfonts/cmmi10.pfb
....L... /usr/share/lyx/xfonts/cmr10.pfb
....L... /usr/share/lyx/xfonts/cmsy10.pfb
....L... /usr/share/lyx/xfonts/eufm10.pfb
.......T /usr/share/lyx/xfonts/fonts.dir
.......T /usr/share/lyx/xfonts/fonts.scale
....L... /usr/share/lyx/xfonts/msam10.pfb
....L... /usr/share/lyx/xfonts/msbm10.pfb
....L... /usr/share/lyx/xfonts/wasy10.pfb
dépendances non satisfaites pour libltdl3-devel-1.4.3-10mdk: libtool = 1.4.3-10mdk, libltdl3 = 1.4.3-10mdk
.......T /usr/share/libtool/libltdl/COPYING.LIB
S.5....T /usr/share/libtool/libltdl/Makefile.am
S.5....T /usr/share/libtool/libltdl/Makefile.in
S.5....T /usr/share/libtool/libltdl/README
S.5....T /usr/share/libtool/libltdl/acinclude.m4
S.5....T /usr/share/libtool/libltdl/aclocal.m4
S.5....T /usr/share/libtool/libltdl/config-h.in
S.5....T /usr/share/libtool/libltdl/configure
S.5....T /usr/share/libtool/libltdl/ltdl.c
S.5....T /usr/share/libtool/libltdl/ltdl.h
.M...... c /etc/rc.d/init.d/syslog
S.5....T c /etc/sysconfig/syslog
S.5....T c /etc/syslog.conf
.M...... /etc/X11/wmsession.d
....L... /usr/lib/libdb.so.3
.M...... c /etc/rc.d/init.d/mtink
manquant /boot/kernel.h-2.6.8
.M...... c /etc/rc.d/init.d/nfslock
dépendances non satisfaites pour gcc-objc-3.3.2-6mdk: gcc = 3.3.2-6mdk
dépendances non satisfaites pour libglib2.0_0-devel-2.2.3-1mdk: libglib2.0_0 = 2.2.3-1mdk
S.5....T /lib/modules/2.4.22-10mdk/modules.dep
.......T /lib/modules/2.4.22-10mdk/modules.generic_string
.......T /lib/modules/2.4.22-10mdk/modules.ieee1394map
.......T /lib/modules/2.4.22-10mdk/modules.isapnpmap
.......T /lib/modules/2.4.22-10mdk/modules.parportmap
S.5....T /lib/modules/2.4.22-10mdk/modules.pcimap
.......T /lib/modules/2.4.22-10mdk/modules.pnpbiosmap
.......T /lib/modules/2.4.22-10mdk/modules.usbmap
dépendances non satisfaites pour python-docs-2.3.3-2mdk: python = 2.3.3-2mdk
S.5....T /usr/share/fonts/ttf/tamil/fonts.cache-1
dépendances non satisfaites pour libvorbis0-devel-1.0.1-4mdk: libvorbis0 = 1.0.1-4mdk, libvorbisenc2 = 1.0.1-4mdk, libvorbisfile3 = 1.0.1-4mdk
.......T c /etc/crontab
..5....T c /etc/inittab
S.5....T c /etc/modules
......G. /etc/ppp/peers
.M...... c /etc/rc.d/init.d/dm
.M...... c /etc/rc.d/init.d/functions
.M...... c /etc/rc.d/init.d/halt
.M...... c /etc/rc.d/init.d/killall
.M...... c /etc/rc.d/init.d/mandrake_consmap
.M...... c /etc/rc.d/init.d/mandrake_everytime
.M...... c /etc/rc.d/init.d/mandrake_firstime
.M...... c /etc/rc.d/init.d/netfs
.M...... c /etc/rc.d/init.d/network
.M...... c /etc/rc.d/init.d/partmon
.M...... c /etc/rc.d/init.d/rawdevices
.M...... c /etc/rc.d/init.d/single
.M...... c /etc/rc.d/init.d/usb
S.5....T c /etc/sysconfig/usb
S.5....T c /etc/sysctl.conf
S.5....T c /etc/modprobe.conf
S.5....T c /etc/modprobe.preload
.M...... c /etc/rc.d/init.d/netplugd
S.5....T d /usr/share/doc/HTML/index.html
.M...... /var/log/ppp
.M...... /var/log/ppp/connect-errors
manquant /var/run/ppp/resolv.conf
S.5....T c /etc/sysconfig/firstboot
.M...... c /etc/rc.d/init.d/devfsd
..5....T /usr/share/fonts/type1/hebrew/fonts.cache-1
.M...... c /etc/rc.d/init.d/vncserver
.M...... c /etc/rc.d/init.d/mysql
manquant /usr/X11R6/lib/X11/fonts/Speedo/encodings.dir
manquant /usr/X11R6/lib/X11/fonts/TTF/encodings.dir
..5....T /usr/X11R6/lib/X11/fonts/TTF/fonts.cache-1
manquant /usr/X11R6/lib/X11/fonts/Type1/encodings.dir
..5....T /usr/X11R6/lib/X11/fonts/Type1/fonts.cache-1
.M....G. c /etc/rc.d/init.d/squid
S.5....T /usr/share/texmf/ls-R
dépendances non satisfaites pour php-domxml-4.3.2-3mdk: libxsltbreakpoint.so.1
dépendances non satisfaites pour libghttp1-devel-1.0.9-6mdk: libghttp1 = 1.0.9-6mdk
dépendances non satisfaites pour libtermcap2-devel-2.0.8-35mdk: libtermcap2 = 2.0.8-35mdk
dépendances non satisfaites pour libesound0-devel-0.2.32-2mdk: esound = 0.2.32-2mdk, libesound0 = 0.2.32-2mdk
dépendances non satisfaites pour libpython2.3-devel-2.3.3-2mdk: python = 2.3.3-2mdk, libpython2.3 = 2.3.3-2mdk
.M...... /etc/rc.d/init.d/zope
S.5....T c /etc/sysconfig/bootsplash
.M...... c /etc/rc.d/init.d/keytable
dépendances non satisfaites pour libungif4-devel-4.1.0-23mdk: libungif4 = 4.1.0-23mdk
S.5....T c /etc/exports
S.5....T c /etc/printcap
..5....T c /etc/securetty
S.5....T c /etc/shells
.M....G. /var/log/lastlog
dépendances non satisfaites pour gettext-devel-0.13.1-1mdk: gettext = 0.13.1-1mdk
.M...... c /etc/rc.d/init.d/named
S.5....T /usr/share/fonts/ttf/bengali/fonts.cache-1
..5....T c /etc/login.defs
.......T c /etc/xinetd.d/telnet
.M...... c /etc/rc.d/init.d/harddrake
S.5....T c /etc/sysconfig/harddrake2/previous_hw
.M...... c /etc/rc.d/init.d/postgresql
.....UG. /etc/cups/certs
.M....GT c /etc/cups/classes.conf
.M....G. c /etc/cups/cupsd.conf
......G. /etc/cups/ppd
SM5...GT c /etc/cups/printers.conf
.M....G. /etc/cups/ssl
.M...... c /etc/rc.d/init.d/cups
.M...UG. /var/spool/cups
.M...UG. /var/spool/cups/tmp
.M...... c /etc/rc.d/init.d/udev
.......T /usr/include/wx/app.h
.......T /usr/include/wx/arrimpl.cpp
.......T /usr/include/wx/buffer.h
.......T /usr/include/wx/build.h
.......T /usr/include/wx/chkconf.h
.......T /usr/include/wx/clntdata.h
.......T /usr/include/wx/cmdline.h
.......T /usr/include/wx/confbase.h
.......T /usr/include/wx/config.h
.......T /usr/include/wx/date.h
.......T /usr/include/wx/datetime.h
.......T /usr/include/wx/datetime.inl
.......T /usr/include/wx/datstrm.h
.......T /usr/include/wx/db.h
.......T /usr/include/wx/dbkeyg.h
.......T /usr/include/wx/dbtable.h
.......T /usr/include/wx/dde.h
.......T /usr/include/wx/debug.h
.......T /usr/include/wx/defs.h
.......T /usr/include/wx/dir.h
.......T /usr/include/wx/dynarray.h
.......T /usr/include/wx/dynlib.h
.......T /usr/include/wx/dynload.h
.......T /usr/include/wx/encconv.h
.......T /usr/include/wx/event.h
.......T /usr/include/wx/features.h
.......T /usr/include/wx/ffile.h
.......T /usr/include/wx/file.h
.......T /usr/include/wx/fileconf.h
.......T /usr/include/wx/filefn.h
.......T /usr/include/wx/filename.h
.......T /usr/include/wx/filesys.h
.......T /usr/include/wx/fontenc.h
.......T /usr/include/wx/fontmap.h
.......T /usr/include/wx/fs_inet.h
.......T /usr/include/wx/fs_mem.h
.......T /usr/include/wx/fs_zip.h
.......T /usr/include/wx/gsocket.h
.......T /usr/include/wx/hash.h
.......T /usr/include/wx/hashmap.h
.......T /usr/include/wx/intl.h
.......T /usr/include/wx/ioswrap.h
.......T /usr/include/wx/ipc.h
.......T /usr/include/wx/ipcbase.h
.......T /usr/include/wx/isql.h
.......T /usr/include/wx/isqlext.h
.......T /usr/include/wx/list.h
.......T /usr/include/wx/listimpl.cpp
.......T /usr/include/wx/log.h
.......T /usr/include/wx/longlong.h
.......T /usr/include/wx/memconf.h
.......T /usr/include/wx/memory.h
.......T /usr/include/wx/memtext.h
.......T /usr/include/wx/mimetype.h
.......T /usr/include/wx/module.h
.......T /usr/include/wx/msgout.h
.......T /usr/include/wx/mstream.h
.......T /usr/include/wx/object.h
.......T /usr/include/wx/platform.h
.......T /usr/include/wx/process.h
.......T /usr/include/wx/protocol/file.h
.......T /usr/include/wx/protocol/ftp.h
.......T /usr/include/wx/protocol/http.h
.......T /usr/include/wx/protocol/protocol.h
.......T /usr/include/wx/regex.h
.......T /usr/include/wx/sckaddr.h
.......T /usr/include/wx/sckipc.h
.......T /usr/include/wx/sckstrm.h
.......T /usr/include/wx/snglinst.h
.......T /usr/include/wx/socket.h
.......T /usr/include/wx/strconv.h
.......T /usr/include/wx/stream.h
.......T /usr/include/wx/string.h
.......T /usr/include/wx/sysopt.h
.......T /usr/include/wx/textbuf.h
.......T /usr/include/wx/textfile.h
.......T /usr/include/wx/thread.h
.......T /usr/include/wx/thrimpl.cpp
.......T /usr/include/wx/time.h
.......T /usr/include/wx/timer.h
.......T /usr/include/wx/tokenzr.h
.......T /usr/include/wx/txtstrm.h
.......T /usr/include/wx/unix/gsockunx.h
.......T /usr/include/wx/unix/mimetype.h
.......T /usr/include/wx/url.h
.......T /usr/include/wx/utils.h
.......T /usr/include/wx/variant.h
.......T /usr/include/wx/vector.h
.......T /usr/include/wx/version.h
.......T /usr/include/wx/volume.h
.......T /usr/include/wx/wfstream.h
.......T /usr/include/wx/wx.h
.......T /usr/include/wx/wxchar.h
.......T /usr/include/wx/wxprec.h
.......T /usr/include/wx/zipstrm.h
.......T /usr/include/wx/zstream.h
.......T /usr/share/aclocal/wxwin.m4
S.5....T /usr/share/locale/de/LC_MESSAGES/wxstd.mo
S.5....T /usr/share/locale/es/LC_MESSAGES/wxstd.mo
S.5....T /usr/share/locale/fr/LC_MESSAGES/wxstd.mo
S.5....T /usr/share/locale/it/LC_MESSAGES/wxstd.mo
dépendances non satisfaites pour libgnome32-devel-1.4.2-7mdk: libgnome32 = 1.4.2-7mdk
.M...... c /etc/rc.d/init.d/portmap
dépendances non satisfaites pour libnas2-devel-1.6b-1mdk: libnas2 = 1.6b
S.5....T /usr/share/fonts/ttf/ethiopic/fonts.cache-1
dépendances non satisfaites pour libart_lgpl2-devel-2.3.16-1mdk: libart_lgpl2 = 2.3.16-1mdk
dépendances non satisfaites pour acl-2.2.22-1mdk: libacl1 = 2.2.22-1mdk
dépendances non satisfaites pour pcre-4.3-5mdk: libpcre0 = 4.3
dépendances non satisfaites pour libMesaGLU1-devel-5.0.2-2mdk: libMesaGLU1 = 5.0.2-2mdk
manquant /usr/X11R6/lib/libGL.la
S.5....T c /etc/sysconfig/msec
SM5....T c /etc/security/console.apps/halt
SM5....T c /etc/security/console.apps/poweroff
SM5....T c /etc/security/console.apps/reboot
.......T /usr/share/fonts/ttf/japanese/fonts.cache-1
.M...... c /etc/rc.d/init.d/messagebus
.......T /usr/share/eazel-engine/arrow_down-spinner.png
.......T /usr/share/eazel-engine/arrow_down.png
.......T /usr/share/eazel-engine/arrow_left.png
.......T /usr/share/eazel-engine/arrow_right.png
.......T /usr/share/eazel-engine/arrow_up-spinner.png
.......T /usr/share/eazel-engine/arrow_up.png
.......T /usr/share/eazel-engine/check-active-default-focus.png
.......T /usr/share/eazel-engine/check-active-default.png
.......T /usr/share/eazel-engine/check-active-hilight-focus.png
.......T /usr/share/eazel-engine/check-active-hilight.png
.......T /usr/share/eazel-engine/check-active-insensitive.png
.......T /usr/share/eazel-engine/check-active-pressed-focus.png
.......T /usr/share/eazel-engine/check-active-pressed.png
.......T /usr/share/eazel-engine/check-default-focus.png
.......T /usr/share/eazel-engine/check-default.png
.......T /usr/share/eazel-engine/check-hilight-focus.png
.......T /usr/share/eazel-engine/check-hilight.png
.......T /usr/share/eazel-engine/check-insensitive.png
.......T /usr/share/eazel-engine/check-pressed-focus.png
.......T /usr/share/eazel-engine/check-pressed.png
.......T /usr/share/eazel-engine/progressbar-left.png
.......T /usr/share/eazel-engine/progressbar-right.png
.......T /usr/share/eazel-engine/progressbar.png
.......T /usr/share/eazel-engine/progressbar_trough.png
.......T /usr/share/eazel-engine/radio-active-default-focus.png
.......T /usr/share/eazel-engine/radio-active-default.png
.......T /usr/share/eazel-engine/radio-active-hilight-focus.png
.......T /usr/share/eazel-engine/radio-active-hilight.png
.......T /usr/share/eazel-engine/radio-active-insensitive.png
.......T /usr/share/eazel-engine/radio-active-pressed-focus.png
.......T /usr/share/eazel-engine/radio-active-pressed.png
.......T /usr/share/eazel-engine/radio-default-focus.png
.......T /usr/share/eazel-engine/radio-default.png
.......T /usr/share/eazel-engine/radio-hilight-focus.png
.......T /usr/share/eazel-engine/radio-hilight.png
.......T /usr/share/eazel-engine/radio-insensitive.png
.......T /usr/share/eazel-engine/radio-pressed-focus.png
.......T /usr/share/eazel-engine/radio-pressed.png
.......T /usr/share/eazel-engine/scroller-arrow-down-hilight.png
.......T /usr/share/eazel-engine/scroller-arrow-down-pressed.png
.......T /usr/share/eazel-engine/scroller-arrow-down.png
.......T /usr/share/eazel-engine/scroller-arrow-left-hilight.png
.......T /usr/share/eazel-engine/scroller-arrow-left-pressed.png
.......T /usr/share/eazel-engine/scroller-arrow-left.png
.......T /usr/share/eazel-engine/scroller-arrow-right-hilight.png
.......T /usr/share/eazel-engine/scroller-arrow-right-pressed.png
.......T /usr/share/eazel-engine/scroller-arrow-right.png
.......T /usr/share/eazel-engine/scroller-arrow-up-hilight.png
.......T /usr/share/eazel-engine/scroller-arrow-up-pressed.png
.......T /usr/share/eazel-engine/scroller-arrow-up.png
.......T /usr/share/eazel-engine/scroller-h-hilight.png
.......T /usr/share/eazel-engine/scroller-h-thumb-hilight.png
.......T /usr/share/eazel-engine/scroller-h-thumb.png
.......T /usr/share/eazel-engine/scroller-h-trough.png
.......T /usr/share/eazel-engine/scroller-h.png
.......T /usr/share/eazel-engine/scroller-v-hilight.png
.......T /usr/share/eazel-engine/scroller-v-thumb-hilight.png
.......T /usr/share/eazel-engine/scroller-v-thumb.png
.......T /usr/share/eazel-engine/scroller-v-trough.png
.......T /usr/share/eazel-engine/scroller-v.png
.......T /usr/share/eazel-engine/slider_h_thumb.png
.......T /usr/share/eazel-engine/slider_h_trough.png
.......T /usr/share/eazel-engine/slider_h_trough_focus.png
.......T /usr/share/eazel-engine/slider_v_thumb.png
.......T /usr/share/eazel-engine/slider_v_trough.png
.......T /usr/share/eazel-engine/slider_v_trough_focus.png
.......T /usr/share/eazel-engine/tab_left-unsel.png
.......T /usr/share/eazel-engine/tab_left.png
.......T /usr/share/eazel-engine/tab_right.png
.......T /usr/share/eazel-engine/tab_sel-bottom.png
.......T /usr/share/eazel-engine/tab_sel.png
.......T /usr/share/eazel-engine/tab_usel-bottom-left.png
.......T /usr/share/eazel-engine/tab_usel-bottom.png
.......T /usr/share/eazel-engine/tab_usel-left.png
.......T /usr/share/eazel-engine/tab_usel.png
dépendances non satisfaites pour kdeedu-3.1.3-9mdk: libkdeedu1 = 3.1.3-9mdk, kiten.so
dépendances non satisfaites pour libexpat0-devel-1.95.6-4mdk: libexpat0 = 1.95.6
SM5....T c /etc/nessus/nessusd.conf
.M...... c /etc/rc.d/init.d/nessusd
dépendances non satisfaites pour rpm-build-4.2.2-7mdk: rpm = 4.2.2-7mdk
.......T d /usr/share/man/man8/rpmbuild.8.bz2
.......T d /usr/share/man/man8/rpmdeps.8.bz2
S.5....T /lib/modules/2.6.3-7mdk/modules.alias
.......T /lib/modules/2.6.3-7mdk/modules.ccwmap
S.5....T /lib/modules/2.6.3-7mdk/modules.dep
..5....T /lib/modules/2.6.3-7mdk/modules.ieee1394map
..5....T /lib/modules/2.6.3-7mdk/modules.inputmap
..5....T /lib/modules/2.6.3-7mdk/modules.isapnpmap
S.5....T /lib/modules/2.6.3-7mdk/modules.pcimap
..5....T /lib/modules/2.6.3-7mdk/modules.symbols
..5....T /lib/modules/2.6.3-7mdk/modules.usbmap
dépendances non satisfaites pour libgmp3-devel-4.1.2-4mdk: libgmp3 = 4.1.2-4mdk
dépendances non satisfaites pour libgtk+2.0_0-devel-2.2.4-10.1.100mdk: libgtk+2.0_0 = 2.2.4-10.1.100mdk, libgtk+-x11-2.0_0 = 2.2.4-10.1.100mdk
.......T /usr/share/apps/konqsidebartng/virtual_folders/remote/web/mdk_web.desktop
.......T /usr/share/apps/konqsidebartng/virtual_folders/remote/web/mdkbizcase_web.desktop
.......T /usr/share/apps/konqsidebartng/virtual_folders/remote/web/mdkcampus_web.desktop
.......T /usr/share/apps/konqsidebartng/virtual_folders/remote/web/mdkexpert_web.desktop
.......T /usr/share/apps/konqsidebartng/virtual_folders/remote/web/mdkforum_web.desktop
.......T /usr/share/apps/konqsidebartng/virtual_folders/remote/web/mdkonline_web.desktop
.......T /usr/share/apps/konqsidebartng/virtual_folders/remote/web/mdkstore_web.desktop
S.5....T /usr/X11R6/lib/X11/icewm/menu
.M...... c /etc/rc.d/init.d/proftpd
SM5....T c /etc/security/fileshare.conf
S.5....T /usr/local/RealPlayer/realplay
.M...... c /etc/rc.d/init.d/nfs
....L... /usr/share/config
dépendances non satisfaites pour libalsa2-devel-1.0.2-3mdk: libalsa2 = 1:1.0.2
.M...... c /etc/rc.d/init.d/radvd
dépendances non satisfaites pour libaudiofile0-devel-0.2.5-1mdk: libaudiofile0 = 0.2.5
S.5....T c /etc/mtools.conf
dépendances non satisfaites pour libatk1.0_0-devel-1.4.1-1mdk: libatk1.0_0 = 1.4.1-1mdk
dépendances non satisfaites pour libdb4.1-devel-4.1.25-4mdk: libdb4.1 = 4.1.25-4mdk
S.5....T c /etc/modules.conf
dépendances non satisfaites pour libSDL1.2-devel-1.2.5-12mdk: libSDL1.2 = 1.2.5
dépendances non satisfaites pour libmng1-devel-1.0.5-5mdk: libmng1 = 1.0.5-5mdk
dépendances non satisfaites pour zlib1-devel-1.2.1-2.1.100mdk: zlib1 = 1.2.1-2.1.100mdk
dépendances non satisfaites pour libmikmod2-devel-3.1.10-8mdk: libmikmod2 = 3.1.10-8mdk
.M...... c /etc/rc.d/init.d/alsa
.M...... c /etc/rc.d/init.d/sound
.......T c /usr/share/fonts/ttf/gb2312/fonts.cache-1
S.5....T c /etc/httpd/conf/httpd2.conf
.M...... c /etc/rc.d/init.d/httpd
.M...U.. /var/cache/httpd
.......T c /etc/postfix/master.cf
.M...... c /etc/rc.d/init.d/postfix
.M....G. /usr/sbin/sendmail.postfix
.M...... c /etc/rc.d/init.d/bluetooth
.M...... c /etc/rc.d/init.d/dund
.M...... c /etc/rc.d/init.d/hidd
.M...... c /etc/rc.d/init.d/pand
SM5....T c /etc/sysconfig/userdrake
.......T /usr/share/fonts/ttf/western/fonts.cache-1
S.5..UGT c /etc/mailman
.M...... c /etc/rc.d/init.d/mailman
S.5....T /usr/lib/mailman/Mailman/mm_cfg.pyc
.M...... c /etc/rc.d/init.d/kheader
manquant /usr/X11R6/lib/X11/fonts/cyrillic/encodings.dir
.......T c /usr/share/config/konsolerc
..5....T /usr/share/fonts/ttf/korean/fonts.cache-1
.M...... c /etc/rc.d/init.d/freenet6
.M...... c /etc/rc.d/init.d/apmd
S.5....T c /etc/mime.types
S.5....T c /etc/openldap/ldap.conf
.M...... c /etc/rc.d/init.d/numlock
.M...... c /etc/rc.d/init.d/xinetd
dépendances non satisfaites pour libgdk-pixbuf2-devel-0.22.0-2.2.100mdk: libgdk-pixbuf-gnomecanvas1 = 0.22.0-2.2.100mdk, libgdk-pixbuf2 = 0.22.0-2.2.100mdk
dépendances non satisfaites pour libsane1-devel-1.0.13-6mdk: libsane1 = 1.0.13-6mdk
dépendances non satisfaites pour libpango1.0_0-devel-1.2.5-3mdk: pango = 1.2.5-3mdk, libpango1.0_0 = 1.2.5-3mdk
S.5....T c /etc/info-dir
.M...... c /etc/rc.d/init.d/atd
S.5....T c /etc/X11/gdm/gdm.conf
manquant /dev/ptal-mlcd
....L... /dev/ptal-printd
.M...... /usr/sbin/ptal-init
....L... /usr/X11R6/lib/libGL.so.1
.M...... c /etc/rc.d/init.d/webmin
SM5....T c /etc/ssl/webmin/miniserv.pem
.M....G. /etc/cups
.M...U.. /usr/bin/lppasswd
dépendances non satisfaites pour libglib1.2-devel-1.2.10-11mdk: libglib1.2 = 1.2.10-11mdk
dépendances non satisfaites pour libgnomemm-1.2_9-devel-1.2.4-3mdk: libgnomemm-1.2_9 = 1.2.4-3mdk
.M...... c /etc/rc.d/init.d/ldap
S.5....T c /etc/sysconfig/ldap
.M...UG. c /var/lib/ldap/DB_CONFIG
.M...... /var/log/ldap
.M...... c /etc/rc.d/init.d/snortd
S.5....T c /etc/snort/snort.conf
dépendances non satisfaites pour libmad0-devel-0.15.0b-3mdk: libmad0 = 0.15.0b
.M...... /proc
.M...... /root
.M...... /var/spool/mail
S.5....T c /etc/sane.d/dll.conf
.M...... c /etc/rc.d/init.d/oki4daemon
S.5....T /usr/share/fonts/ttf/kannada/fonts.cache-1
S.5....T c /var/www/html/admin/phpMyAdmin/config.inc.php
dépendances non satisfaites pour libarts1-devel-1.2-3mdk: libarts1 = 30000001:1.2-3mdk
S.5....T c /etc/named.conf
dépendances non satisfaites pour libfontconfig1-devel-2.2.1-7mdk: fontconfig = 2.2.1-7mdk, libfontconfig1 = 2.2.1-7mdk
dépendances non satisfaites pour libgdk-pixbuf-xlib2-0.22.0-2.2.100mdk: gdk-pixbuf-loaders = 0.22.0-2.2.100mdk
dépendances non satisfaites pour libusb0.1_4-devel-0.1.7-1mdk: libusb0.1_4 = 0.1.7-1mdk
.......T /usr/share/pixmaps/gnome-default-dlg.png
.......T /usr/share/pixmaps/gnome-error.png
.......T /usr/share/pixmaps/gnome-info.png
.......T /usr/share/pixmaps/gnome-question.png
.......T /usr/share/pixmaps/gnome-warning.png
S.5....T c /etc/hotplug/blacklist
.M...... c /etc/init.d/hotplug
S.5....T /usr/share/fonts/type1/greek/fonts.cache-1
....L... /lib/cpp
.......T /usr/share/themes/Metal/README.html
.......T /usr/share/themes/Redmond95/README.html
.M...... c /etc/rc.d/init.d/winbind
.......T /usr/share/locale/de/LC_MESSAGES/libgtkhx.mo
.......T /usr/share/locale/es/LC_MESSAGES/libgtkhx.mo
.......T /usr/share/locale/fr/LC_MESSAGES/libgtkhx.mo
.......T /usr/share/locale/it/LC_MESSAGES/libgtkhx.mo
S.5....T c /usr/share/config/kdeglobals
S.5....T c /usr/share/config/kdesktoprc
.......T c /usr/share/config/kickerrc
S.5....T c /usr/share/config/konquerorrc
.......T c /etc/httpd/conf/ssl/mod_ssl.conf
.......T c /etc/httpd/conf/ssl/ssl.default-vhost.conf
SM5....T c /etc/ssl/apache/server.crt
SM5....T c /etc/ssl/apache/server.key
S.5....T /usr/share/fonts/ttf/armenian/fonts.cache-1
S.5....T /usr/share/fonts/ttf/tscii/fonts.cache-1
dépendances non satisfaites pour rpm-python-4.2.2-7mdk: rpm = 4.2.2-7mdk
S.5....T /usr/share/fonts/ttf/thai/fonts.cache-1
dépendances non satisfaites pour libkdetoys1-devel-3.2-6mdk: libkdetoys1 = 1:3.2-6mdk
dépendances non satisfaites pour libbeecrypt6-devel-3.1.0-2mdk: libbeecrypt6 = 3.1.0-2mdk
dépendances non satisfaites pour libORBit0-devel-0.5.17-7mdk: ORBit = 0.5.17-7mdk, libORBit0 = 0.5.17-7mdk
dépendances non satisfaites pour pam-doc-0.77-12mdk: pam = 0.77-12mdk
.M...... c /etc/rc.d/init.d/crond
dépendances non satisfaites pour popt-devel-1.8.2-7mdk: popt = 1.8.2-7mdk
dépendances non satisfaites pour libfreetype6-devel-2.1.7-4mdk: libfreetype6 = 2.1.7-4mdk
S.5....T c /etc/xml/catalog
S.5....T c /usr/share/sgml/docbook/xmlcatalog
.M...... c /etc/rc.d/init.d/sshd
SM5....T c /etc/ssh/sshd_config
manquant /usr/share/squidGuard-1.2.0/contrib/RobotUserAgent.pm
manquant /usr/share/squidGuard-1.2.0/contrib/hostbyname
manquant /usr/share/squidGuard-1.2.0/contrib/sgclean
manquant /usr/share/squidGuard-1.2.0/contrib/squidGuardRobot
manquant /usr/share/squidGuard-1.2.0/db/README
manquant /usr/share/squidGuard-1.2.0/db/ads
manquant /usr/share/squidGuard-1.2.0/db/ads/domains
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010816.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010825.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010918.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010922.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011008.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011113.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011201.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/domains.20011218.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011008.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011113.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011201.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/ads/urls.20011218.diff
manquant /usr/share/squidGuard-1.2.0/db/adult
manquant /usr/share/squidGuard-1.2.0/db/adult/domains
manquant /usr/share/squidGuard-1.2.0/db/adult/expressions
manquant /usr/share/squidGuard-1.2.0/db/adult/urls
manquant /usr/share/squidGuard-1.2.0/db/advertising
manquant /usr/share/squidGuard-1.2.0/db/advertising/domains
manquant /usr/share/squidGuard-1.2.0/db/advertising/urls
manquant /usr/share/squidGuard-1.2.0/db/aggressive
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20010825.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20010922.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011114.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011117.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011201.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/domains.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010816.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010818.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010825.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010918.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010922.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011008.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/aggressive/urls.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010816.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010825.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010922.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011008.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011114.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011201.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/domains.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20010816.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011114.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/audio-video/urls.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/banneddestination
manquant /usr/share/squidGuard-1.2.0/db/banneddestination/domains
manquant /usr/share/squidGuard-1.2.0/db/banneddestination/expressions
manquant /usr/share/squidGuard-1.2.0/db/banneddestination/urls
manquant /usr/share/squidGuard-1.2.0/db/bannedsource
manquant /usr/share/squidGuard-1.2.0/db/bannedsource/ips
manquant /usr/share/squidGuard-1.2.0/db/drugs
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010816.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010825.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010918.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010922.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011008.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011114.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011117.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011201.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/domains.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010816.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010818.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010825.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010922.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011114.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011117.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011201.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/drugs/urls.20011217.diff
manquant /usr/share/squidGuard-1.2.0/db/forums
manquant /usr/share/squidGuard-1.2.0/db/forums/domains
manquant /usr/share/squidGuard-1.2.0/db/forums/expressions
manquant /usr/share/squidGuard-1.2.0/db/forums/urls
manquant /usr/share/squidGuard-1.2.0/db/gambling
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20010918.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20010922.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20011114.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20011201.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/domains.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/gambling/urls
manquant /usr/share/squidGuard-1.2.0/db/gambling/urls.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010816.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010818.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010901.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010908.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010915.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010922.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20010929.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011013.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011114.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011124.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011201.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/domains.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/urls
manquant /usr/share/squidGuard-1.2.0/db/hacking/urls.20010813.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/urls.20011006.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/urls.20011020.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/urls.20011027.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/urls.20011103.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/urls.20011110.diff
manquant /usr/share/squidGuard-1.2.0/db/hacking/urls.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/lansource
manquant /usr/share/squidGuard-1.2.0/db/lansource/lan
manquant /usr/share/squidGuard-1.2.0/db/mail
manquant /usr/share/squidGuard-1.2.0/db/mail/domains
manquant /usr/share/squidGuard-1.2.0/db/porn
manquant /usr/share/squidGuard-1.2.0/db/porn/domains
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010814.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010817.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010818.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010902.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010909.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010916.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010918.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010919.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010923.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20010930.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011007.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011009.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011014.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011021.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011028.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011104.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011113.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011115.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011118.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011125.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011213.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/domains.20011217.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/expressions
manquant /usr/share/squidGuard-1.2.0/db/porn/urls
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010814.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010817.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010818.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010902.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010909.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010916.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010917.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010919.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010923.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20010930.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011007.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011009.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011014.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011021.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011028.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011104.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011113.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011115.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011118.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011125.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011212.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011213.diff
manquant /usr/share/squidGuard-1.2.0/db/porn/urls.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/privilegedsource
manquant /usr/share/squidGuard-1.2.0/db/privilegedsource/ips
manquant /usr/share/squidGuard-1.2.0/db/proxy
manquant /usr/share/squidGuard-1.2.0/db/proxy/domains
manquant /usr/share/squidGuard-1.2.0/db/proxy/domains.20010918.diff
manquant /usr/share/squidGuard-1.2.0/db/proxy/domains.20010923.diff
manquant /usr/share/squidGuard-1.2.0/db/proxy/domains.20011021.diff
manquant /usr/share/squidGuard-1.2.0/db/proxy/domains.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/proxy/domains.20011213.diff
manquant /usr/share/squidGuard-1.2.0/db/proxy/domains.20011218.diff
manquant /usr/share/squidGuard-1.2.0/db/proxy/urls
manquant /usr/share/squidGuard-1.2.0/db/publicite
manquant /usr/share/squidGuard-1.2.0/db/publicite/domains
manquant /usr/share/squidGuard-1.2.0/db/publicite/expressions
manquant /usr/share/squidGuard-1.2.0/db/publicite/urls
manquant /usr/share/squidGuard-1.2.0/db/redirector
manquant /usr/share/squidGuard-1.2.0/db/redirector/domains
manquant /usr/share/squidGuard-1.2.0/db/redirector/expressions
manquant /usr/share/squidGuard-1.2.0/db/redirector/urls
manquant /usr/share/squidGuard-1.2.0/db/timerestriction
manquant /usr/share/squidGuard-1.2.0/db/timerestriction/lan
manquant /usr/share/squidGuard-1.2.0/db/violence
manquant /usr/share/squidGuard-1.2.0/db/violence/domains
manquant /usr/share/squidGuard-1.2.0/db/violence/domains.20010814.diff
manquant /usr/share/squidGuard-1.2.0/db/violence/domains.20011028.diff
manquant /usr/share/squidGuard-1.2.0/db/violence/domains.20011213.diff
manquant /usr/share/squidGuard-1.2.0/db/violence/expressions
manquant /usr/share/squidGuard-1.2.0/db/violence/urls
manquant /usr/share/squidGuard-1.2.0/db/warez
manquant /usr/share/squidGuard-1.2.0/db/warez/domains
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20010814.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20010818.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20010902.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20010909.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20010916.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20010919.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20010923.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20010930.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011007.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011014.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011021.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011028.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011112.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011118.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011125.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011213.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011215.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/domains.20011218.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/urls
manquant /usr/share/squidGuard-1.2.0/db/warez/urls.20011125.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/urls.20011213.diff
manquant /usr/share/squidGuard-1.2.0/db/warez/urls.20011215.diff
manquant /usr/share/squidGuard-1.2.0/samples/sample.conf
manquant /usr/share/squidGuard-1.2.0/samples/squidGuard-simple.cgi
manquant /usr/share/squidGuard-1.2.0/samples/squidGuard.cgi
.M...... /var/log/squidGuard/advertising.log
.M...... /var/log/squidGuard/squidGuard.error
.M.....T /var/log/squidGuard/squidGuard.log
dépendances non satisfaites pour gcc-java-3.3.2-6mdk: gcc = 3.3.2-6mdk
dépendances non satisfaites pour libfam0-devel-2.6.10-9mdk: fam = 2.6.10, libfam0 = 2.6.10-9mdk
.M...... c /etc/rc.d/init.d/fetchmail
dépendances non satisfaites pour rpm-devel-4.2.2-7mdk: rpm = 4.2.2-7mdk
S.5....T c /etc/pam.d/system-auth
S.5....T /usr/share/fonts/default/Type1/adobestd35/fonts.cache-1
S.5....T /usr/share/fonts/default/Type1/fonts.cache-1
.......T /usr/share/fonts/ttf/decoratives/fonts.cache-1
S.5..UGT c /etc/X11/fs/config
.M...... c /etc/rc.d/init.d/xfs
S.5....T c /etc/samba/smb.conf
.M...... c /etc/rc.d/init.d/smb
S.5....T c /usr/share/config/kdm/kdmrc
manquant /usr/X11R6/lib/X11/fonts/75dpi/encodings.dir
.M...... c /etc/rc.d/init.d/yppasswdd
.M...... c /etc/rc.d/init.d/ypserv
.M...... c /etc/rc.d/init.d/ypxfrd
manquant /usr/java/j2re1.4.2_04/javaws/javaws.pack
manquant /usr/java/j2re1.4.2_04/lib/charsets.pack
manquant /usr/java/j2re1.4.2_04/lib/ext/localedata.pack
manquant /usr/java/j2re1.4.2_04/lib/jsse.pack
manquant /usr/java/j2re1.4.2_04/lib/plugin.pack
manquant /usr/java/j2re1.4.2_04/lib/rt.pack
manquant /usr/java/j2re1.4.2_04/lib/unpack
.M...... c /etc/rc.d/init.d/routed
.M...... c /etc/rc.d/init.d/ipvsadm
S.5....T /usr/share/fonts/ttf/arabic/fonts.cache-1
.M...... c /etc/rc.d/init.d/wine
.M...... c /etc/rc.d/init.d/iptables
S.5....T /usr/share/fonts/bitmap/tscii/fonts.cache-1
dépendances non satisfaites pour libgtk+1.2-devel-1.2.10-38mdk: libgtk+1.2 = 1.2.10-38mdk
dépendances non satisfaites pour gcc-g77-3.3.2-6mdk: gcc = 3.3.2-6mdk
.......T c /usr/share/fonts/ttf/big5/fonts.cache-1
.M...... c /etc/rc.d/init.d/saslauthd
manquant /usr/lib/mozilla-1.7.2/chrome/chrome.rdf
manquant /usr/lib/mozilla-1.7.2/components/compreg.dat
manquant /usr/lib/mozilla-1.7.2/components/xpti.dat
manquant /usr/X11R6/lib/X11/fonts/100dpi/encodings.dir
S.5....T /usr/share/locale/de/LC_MESSAGES/wxstd.mo
S.5....T /usr/share/locale/es/LC_MESSAGES/wxstd.mo
S.5....T /usr/share/locale/fr/LC_MESSAGES/wxstd.mo
S.5....T /usr/share/locale/it/LC_MESSAGES/wxstd.mo-
[^]Re: Pour voir si ...
Posté par Samaty Tramo (page perso, ) le 19/01/2005 à 06:16. (lien). Évalué à 1.Le format de sortie est constitué d'une chaîne de caractères de
8 caractère, d'un "c" éventuel dénottant un fichier de configu-
ration, et ensuite du nom du fichier. Chacun des 8 caractères
dénote le résultat d'une comparaison d'un attribut du fichier
avec la valeur de cet attribut enregistré dans la base de
données rpm. Un simple "." (point) signifie que le test s'est
bien passé. Les caractères suivants dénote l'échec à certains
tests :
5 Somme MD5
S Taille du fichier
L Lien symbolique
T Mtime
D Périphérique
U Utilisateur
G Groupe
M Mode (inclut les permissions et le type de fichier)
-
-
-
... et pour être sûr ...
si tu penses vraiment avoir été "rootkité", le mieux c'est d'en être sûr.
A cet effet, tu peux utiliser des outils de detection comme RootKit Hunter (c'est celui que j'utilise) qui possède une bibliothèque des rootkit et autre programmes malveillants. Il inclut également d'autres tests utiles.
Tu peux aller voir là :
http://www.rootkit.nl(...)
et là pour télécharger la dernière version :
http://downloads.rootkit.nl/rkhunter-1.1.9.tar.gz(...)
Note que ce n'est certainement pas le seul outil de ce genre. Donc hésite pas à fouiller.
-
[^]Re: ... et pour être sûr ...
Posté par Samaty Tramo (page perso, ) le 17/01/2005 à 09:58. (lien). Évalué à 1.A la compilation j'ai eu l'incident suivant.
gcc -static -o strings-static strings.c
/usr//bin/ld: cannot find -lc
collect2: ld returned 1 exit status
make: *** [strings-static] Erreur 1
Je comprend que "ld" n'as pas peu trouver "lc".
Je vais me tourner vers le mainteneur du site français pour être aider. Je te remercie.-
[^]Re: ... et pour être sûr ...
Posté par Samaty Tramo (page perso, ) le 18/01/2005 à 10:19. (lien). Évalué à 1.rkhunter-1.1.9.tar.gz(...)
J'ai installer ce que tu m'as conseiller un test de plus ne me déplait pas.
L'erreur dont je parlait venait de l autre logiciel chkrookit, une simple bibliothèque static qui manquait.
Voila la sortie par contre j'avais une version d'un logiciel décrit comme vulnérable selon sa version, je l'ai enlever des logs. Le reste n'a pas été changer.
Est ce que ce test doit etre à partir d'un système saint ou peut etre fait sur un système compromis ?
[root@Samaty rkhunter]# rkhunter -c
Rootkit Hunter 1.1.9 is running
Determining OS... Warning: this operating system is not fully supported!
Ready
Warning: Cannot find md5_not_known
All MD5 checks will be skipped!
Checking binaries
* Selftests
Strings (command) [ OK ]
* System tools
Skipped!
Check rootkits
* Default files and directories
Rootkit '55808 Trojan - Variant A'... [ OK ]
ADM Worm... [ OK ]
Rootkit 'AjaKit'... [ OK ]
Rootkit 'aPa Kit'... [ OK ]
Rootkit 'Apache Worm'... [ OK ]
Rootkit 'Ambient (ark) Rootkit'... [ OK ]
Rootkit 'Balaur Rootkit'... [ OK ]
Rootkit 'BeastKit'... [ OK ]
Rootkit 'BOBKit'... [ OK ]
Rootkit 'CiNIK Worm (Slapper.B variant)'... [ OK ]
Rootkit 'Danny-Boy's Abuse Kit'... [ OK ]
Rootkit 'Devil RootKit'... [ OK ]
Rootkit 'Dica'... [ OK ]
Rootkit 'Dreams Rootkit'... [ OK ]
Rootkit 'Duarawkz'... [ OK ]
Rootkit 'Flea Linux Rootkit'... [ OK ]
Rootkit 'FreeBSD Rootkit'... [ OK ]
Rootkit 'Fuck`it Rootkit'... [ OK ]
Rootkit 'GasKit'... [ OK ]
Rootkit 'Heroin LKM'... [ OK ]
Rootkit 'HjC Kit'... [ OK ]
Rootkit 'ignoKit'... [ OK ]
Rootkit 'ImperalsS-FBRK'... [ OK ]
Rootkit 'Irix Rootkit'... [ OK ]
Rootkit 'Kitko'... [ OK ]
Rootkit 'Knark'... [ OK ]
Rootkit 'Li0n Worm'... [ OK ]
Rootkit 'Lockit / LJK2'... [ OK ]
Rootkit 'MRK'... [ OK ]
Rootkit 'Ni0 Rootkit'... [ OK ]
Rootkit 'RootKit for SunOS / NSDAP'... [ OK ]
Rootkit 'Optic Kit (Tux)'... [ OK ]
Rootkit 'Oz Rootkit'... [ OK ]
Rootkit 'Portacelo'... [ OK ]
Rootkit 'R3dstorm Toolkit'... [ OK ]
Rootkit 'RH-Sharpe's rootkit'... [ OK ]
Rootkit 'RSHA's rootkit'... [ OK ]
Sebek LKM [ OK ]
Rootkit 'Scalper Worm'... [ OK ]
Rootkit 'Shutdown'... [ OK ]
Rootkit 'SHV4'... [ OK ]
Rootkit 'SHV5'... [ OK ]
Rootkit 'Sin Rootkit'... [ OK ]
Rootkit 'Slapper'... [ OK ]
Rootkit 'Sneakin Rootkit'... [ OK ]
Rootkit 'Suckit Rootkit'... [ OK ]
Rootkit 'SunOS Rootkit'... [ OK ]
Rootkit 'Superkit'... [ OK ]
Rootkit 'TBD (Telnet BackDoor)'... [ OK ]
Rootkit 'TeLeKiT'... [ OK ]
Rootkit 'T0rn Rootkit'... [ OK ]
Rootkit 'Trojanit Kit'... [ OK ]
Rootkit 'Tuxtendo'... [ OK ]
Rootkit 'URK'... [ OK ]
Rootkit 'VcKit'... [ OK ]
Rootkit 'Volc Rootkit'... [ OK ]
Rootkit 'X-Org SunOS Rootkit'... [ OK ]
Rootkit 'zaRwT.KiT Rootkit'... [ OK ]
* Suspicious files and malware
Scanning for known rootkit strings [ OK ]
Scanning for known rootkit files [ OK ]
Testing running processes... [ OK ]
Miscellaneous Login backdoors [ OK ]
Miscellaneous directories [ OK ]
Software related files [ OK ]
Sniffer logs [ OK ]
[Press to continue]
* Trojan specific characteristics
shv4
Checking /etc/rc.d/rc.sysinit
Test 1 [ Clean ]
Test 2 [ Clean ]
Test 3 [ Clean ]
Checking /etc/inetd.conf [ Not found ]
Checking /etc/xinetd.conf [ Clean ]
* Suspicious file properties
chmod properties
Checking /bin/ps [ Clean ]
Checking /bin/ls [ Clean ]
Checking /usr/bin/w [ Clean ]
Checking /usr/bin/who [ Clean ]
Checking /bin/netstat [ Clean ]
Checking /bin/login [ Clean ]
Script replacements
Checking /bin/ps [ Clean ]
Checking /bin/ls [ Clean ]
Checking /usr/bin/w [ Clean ]
Checking /usr/bin/who [ Clean ]
Checking /bin/netstat [ Clean ]
Checking /bin/login [ Clean ]
* OS dependant tests
Linux
Checking loaded kernel modules... [ OK ]
Checking files attributes [ OK ]
Checking LKM module path [ OK ]
Networking
-
Cette discussion est archivée, il n'est plus possible de laisser des commentaires.
Note : les commentaires appartiennent à ceux qui les ont postés. Nous n'en sommes pas responsables.