Skip to content

Commit dabe8ac

Browse files
cybersec-kcybersec-k
authored
Update 2025-05-01-linux-file-system-analysis.md
1 parent 817283b commit dabe8ac

File tree

1 file changed

+20
-19
lines changed

1 file changed

+20
-19
lines changed

_posts/2025-05-01-linux-file-system-analysis.md

Lines changed: 20 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -723,26 +723,27 @@ Searching for Mumblehard Linux ... * * * * * /var/tmp/f
723723
><details><summary>Click for answer</summary>/var/tmp/findme.sh</details>
724724
725725
> **Run rkhunter on the affected system. What is the result of the (UID 0) accounts check?**
726+
>
726727
```bash
727728
$ sudo rkhunter -c -sk | grep -B 10 -A 10 "UID 0"
728-
Checking the local host...
729-
Performing system boot checks
730-
Checking for local host name[ Found ]
731-
Checking for system startup files[ Found ]
732-
Checking system startup files for malware[ None found ]
733-
734-
Performing group and account checks
735-
Checking for passwd file[ Found ]
736-
Checking for root equivalent (UID 0) accounts[ Warning ]
737-
Checking for passwordless accounts[ None found ]
738-
Checking for passwd file changes[ None found ]
739-
Checking for group file changes[ None found ]
740-
Checking root account shell history files[ OK ]
741-
742-
Performing system configuration file checks
743-
Checking for an SSH configuration file[ Found ]
744-
Checking if SSH root access is allowed[ Warning ]
745-
Checking if SSH protocol v1 is allowed[ Not set ]
746-
Checking for other suspicious configuration settings[ None found ]
729+
Checking the local host...
730+
Performing system boot checks
731+
Checking for local host name[ Found ]
732+
Checking for system startup files[ Found ]
733+
Checking system startup files for malware[ None found ]
734+
735+
Performing group and account checks
736+
Checking for passwd file[ Found ]
737+
Checking for root equivalent (UID 0) accounts[ Warning ]
738+
Checking for passwordless accounts[ None found ]
739+
Checking for passwd file changes[ None found ]
740+
Checking for group file changes[ None found ]
741+
Checking root account shell history files[ OK ]
742+
743+
Performing system configuration file checks
744+
Checking for an SSH configuration file[ Found ]
745+
Checking if SSH root access is allowed[ Warning ]
746+
Checking if SSH protocol v1 is allowed[ Not set ]
747+
Checking for other suspicious configuration settings[ None found ]
747748
```
748749
><details><summary>Click for answer</summary>Warning</details>

0 commit comments

Comments
 (0)