chkrootkit 报告可能安装了恶意 Linux.Xor.DDoS - 我该如何验证?

tag-icon tag-icon security chkrootkit
chkrootkit 报告可能安装了恶意 Linux.Xor.DDoS - 我该如何验证?

它报告的令人关注的文件如下。

我不担心中的那些,/tmp/yarn*因为我相信那是包管理器,NodeJS但中的那些tmp/_MEI*令人担忧。

它报告的另一个问题是:

Checking `chkutmp'...                                        The tty of the following user process(es) were not found
 in /var/run/utmp !
! RUID          PID TTY    CMD
! ubuntu      10310 pts/0  /bin/bash

Searching for Linux.Xor.DDoS ...                            INFECTED: Possible Malicious Linux.Xor.DDoS installed
/tmp/_MEILouf0P/_bz2.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/readline.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/compose/config/config_schema_v1.json
/tmp/_MEILouf0P/compose/config/config_schema_compose_spec.json
/tmp/_MEILouf0P/compose/GITSHA
/tmp/_MEILouf0P/libffi-806b1a9d.so.6.0.4
/tmp/_MEILouf0P/base_library.zip
/tmp/_MEILouf0P/_codecs_iso2022.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/binascii.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_ssl.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_heapq.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_random.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/unicodedata.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_sha256.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_posixsubprocess.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_cffi_backend.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_multibytecodec.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_sha3.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/libbz2.so.1.0
/tmp/_MEILouf0P/cryptography/hazmat/bindings/_openssl.abi3.so
/tmp/_MEILouf0P/_bisect.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/nacl/_sodium.abi3.so
/tmp/_MEILouf0P/_codecs_jp.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_sha1.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/libtinfo.so.5
/tmp/_MEILouf0P/array.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/fcntl.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_opcode.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_json.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/libcrypto.so.1.1
/tmp/_MEILouf0P/_pickle.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/lib/python3.7/config-3.7m-x86_64-linux-gnu/Makefile
/tmp/_MEILouf0P/jsonschema/schemas/draft3.json
/tmp/_MEILouf0P/jsonschema/schemas/draft4.json
/tmp/_MEILouf0P/jsonschema/schemas/draft6.json
/tmp/_MEILouf0P/jsonschema/schemas/draft7.json
/tmp/_MEILouf0P/_queue.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_asyncio.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_contextvars.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_lzma.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/termios.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/certifi/cacert.pem
/tmp/_MEILouf0P/_struct.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_codecs_hk.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_uuid.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_hashlib.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/libreadline.so.7
/tmp/_MEILouf0P/libpython3.7m.so.1.0
/tmp/_MEILouf0P/libexpat.so.1
/tmp/_MEILouf0P/liblzma.so.5
/tmp/_MEILouf0P/libz.so.1
/tmp/_MEILouf0P/libssl.so.1.1
/tmp/_MEILouf0P/_codecs_tw.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_blake2.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/math.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_codecs_cn.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_ctypes.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_datetime.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_sha512.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/pyexpat.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_codecs_kr.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/AUTHORS.rst
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/WHEEL
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/RECORD
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/top_level.txt
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/METADATA
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/LICENSE.APACHE
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/REQUESTED
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/LICENSE.BSD
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/LICENSE.PSF
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/INSTALLER
/tmp/_MEILouf0P/cryptography-3.0-py3.7.egg-info/LICENSE
/tmp/_MEILouf0P/pvectorc.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_socket.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/bcrypt/_bcrypt.abi3.so
/tmp/_MEILouf0P/_multiprocessing.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_md5.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/include/python3.7m/pyconfig.h
/tmp/_MEILouf0P/resource.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/mmap.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/grp.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/_decimal.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/select.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/jsonschema-3.2.0-py3.7.egg-info/WHEEL
/tmp/_MEILouf0P/jsonschema-3.2.0-py3.7.egg-info/RECORD
/tmp/_MEILouf0P/jsonschema-3.2.0-py3.7.egg-info/top_level.txt
/tmp/_MEILouf0P/jsonschema-3.2.0-py3.7.egg-info/METADATA
/tmp/_MEILouf0P/jsonschema-3.2.0-py3.7.egg-info/COPYING
/tmp/_MEILouf0P/jsonschema-3.2.0-py3.7.egg-info/REQUESTED
/tmp/_MEILouf0P/jsonschema-3.2.0-py3.7.egg-info/entry_points.txt
/tmp/_MEILouf0P/jsonschema-3.2.0-py3.7.egg-info/INSTALLER
/tmp/_MEILouf0P/zlib.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/libuuid.so.1
/tmp/_MEILouf0P/importlib_metadata-2.0.0-py3.7.egg-info/WHEEL
/tmp/_MEILouf0P/importlib_metadata-2.0.0-py3.7.egg-info/RECORD
/tmp/_MEILouf0P/importlib_metadata-2.0.0-py3.7.egg-info/top_level.txt
/tmp/_MEILouf0P/importlib_metadata-2.0.0-py3.7.egg-info/METADATA
/tmp/_MEILouf0P/importlib_metadata-2.0.0-py3.7.egg-info/INSTALLER
/tmp/_MEILouf0P/importlib_metadata-2.0.0-py3.7.egg-info/LICENSE
/tmp/_MEILouf0P/_csv.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEILouf0P/libffi.so.6
/tmp/yarn--1609279800756-0.33405718762260905/yarn
/tmp/yarn--1609279800756-0.33405718762260905/node
/tmp/yarn--1609191066355-0.8535292494076665/yarn
/tmp/yarn--1609191066355-0.8535292494076665/node
/tmp/yarn--1608588658536-0.42316004848610067/node
/tmp/yarn--1608588767050-0.858125045173411/yarn
/tmp/yarn--1608588767050-0.858125045173411/node
/tmp/_MEImKelGf/_bz2.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/readline.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/compose/config/config_schema_v1.json
/tmp/_MEImKelGf/compose/config/config_schema_compose_spec.json
/tmp/_MEImKelGf/compose/GITSHA
/tmp/_MEImKelGf/libffi-806b1a9d.so.6.0.4
/tmp/_MEImKelGf/base_library.zip
/tmp/_MEImKelGf/_codecs_iso2022.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/binascii.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_ssl.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_heapq.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_random.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/unicodedata.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_sha256.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_posixsubprocess.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_cffi_backend.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_multibytecodec.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_sha3.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/libbz2.so.1.0
/tmp/_MEImKelGf/cryptography/hazmat/bindings/_openssl.abi3.so
/tmp/_MEImKelGf/_bisect.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/nacl/_sodium.abi3.so
/tmp/_MEImKelGf/_codecs_jp.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_sha1.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/libtinfo.so.5
/tmp/_MEImKelGf/array.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/fcntl.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_opcode.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_json.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/libcrypto.so.1.1
/tmp/_MEImKelGf/_pickle.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/lib/python3.7/config-3.7m-x86_64-linux-gnu/Makefile
/tmp/_MEImKelGf/jsonschema/schemas/draft3.json
/tmp/_MEImKelGf/jsonschema/schemas/draft4.json
/tmp/_MEImKelGf/jsonschema/schemas/draft6.json
/tmp/_MEImKelGf/jsonschema/schemas/draft7.json
/tmp/_MEImKelGf/_queue.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_asyncio.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_contextvars.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_lzma.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/termios.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/certifi/cacert.pem
/tmp/_MEImKelGf/_struct.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_codecs_hk.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_uuid.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_hashlib.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/libreadline.so.7
/tmp/_MEImKelGf/libpython3.7m.so.1.0
/tmp/_MEImKelGf/libexpat.so.1
/tmp/_MEImKelGf/liblzma.so.5
/tmp/_MEImKelGf/libz.so.1
/tmp/_MEImKelGf/libssl.so.1.1
/tmp/_MEImKelGf/_codecs_tw.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_blake2.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/math.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_codecs_cn.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_ctypes.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_datetime.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_sha512.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/pyexpat.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_codecs_kr.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/AUTHORS.rst
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/WHEEL
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/RECORD
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/top_level.txt
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/METADATA
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/LICENSE.APACHE
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/REQUESTED
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/LICENSE.BSD
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/LICENSE.PSF
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/INSTALLER
/tmp/_MEImKelGf/cryptography-3.0-py3.7.egg-info/LICENSE
/tmp/_MEImKelGf/pvectorc.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_socket.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/bcrypt/_bcrypt.abi3.so
/tmp/_MEImKelGf/_multiprocessing.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_md5.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/include/python3.7m/pyconfig.h
/tmp/_MEImKelGf/resource.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/mmap.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/grp.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/_decimal.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/select.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/jsonschema-3.2.0-py3.7.egg-info/WHEEL
/tmp/_MEImKelGf/jsonschema-3.2.0-py3.7.egg-info/RECORD
/tmp/_MEImKelGf/jsonschema-3.2.0-py3.7.egg-info/top_level.txt
/tmp/_MEImKelGf/jsonschema-3.2.0-py3.7.egg-info/METADATA
/tmp/_MEImKelGf/jsonschema-3.2.0-py3.7.egg-info/COPYING
/tmp/_MEImKelGf/jsonschema-3.2.0-py3.7.egg-info/REQUESTED
/tmp/_MEImKelGf/jsonschema-3.2.0-py3.7.egg-info/entry_points.txt
/tmp/_MEImKelGf/jsonschema-3.2.0-py3.7.egg-info/INSTALLER
/tmp/_MEImKelGf/zlib.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/libuuid.so.1
/tmp/_MEImKelGf/importlib_metadata-2.0.0-py3.7.egg-info/WHEEL
/tmp/_MEImKelGf/importlib_metadata-2.0.0-py3.7.egg-info/RECORD
/tmp/_MEImKelGf/importlib_metadata-2.0.0-py3.7.egg-info/top_level.txt
/tmp/_MEImKelGf/importlib_metadata-2.0.0-py3.7.egg-info/METADATA
/tmp/_MEImKelGf/importlib_metadata-2.0.0-py3.7.egg-info/INSTALLER
/tmp/_MEImKelGf/importlib_metadata-2.0.0-py3.7.egg-info/LICENSE
/tmp/_MEImKelGf/_csv.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEImKelGf/libffi.so.6
/tmp/yarn--1609263723673-0.6031838839525887/yarn
/tmp/yarn--1609263723673-0.6031838839525887/node
/tmp/yarn--1609277998119-0.8745144750321017/yarn
/tmp/yarn--1609277998119-0.8745144750321017/node
/tmp/yarn--1608588658537-0.13657552414741292/node
/tmp/yarn--1609279495677-0.46573089763830744/yarn
/tmp/yarn--1609279495677-0.46573089763830744/node
/tmp/yarn--1608604249272-0.2771300551326392/yarn
/tmp/yarn--1608604249272-0.2771300551326392/node
/tmp/yarn--1608588658537-0.6820815653744035/yarn
/tmp/yarn--1608588658537-0.6820815653744035/node
/tmp/yarn--1608601183847-0.8705271739263436/yarn
/tmp/yarn--1608601183847-0.8705271739263436/node
/tmp/_MEIj3d49T/_bz2.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/readline.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/compose/config/config_schema_v1.json
/tmp/_MEIj3d49T/compose/config/config_schema_compose_spec.json
/tmp/_MEIj3d49T/compose/GITSHA
/tmp/_MEIj3d49T/libffi-806b1a9d.so.6.0.4
/tmp/_MEIj3d49T/base_library.zip
/tmp/_MEIj3d49T/_codecs_iso2022.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/binascii.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_ssl.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_heapq.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_random.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/unicodedata.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_sha256.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_posixsubprocess.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_cffi_backend.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_multibytecodec.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_sha3.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/libbz2.so.1.0
/tmp/_MEIj3d49T/cryptography/hazmat/bindings/_openssl.abi3.so
/tmp/_MEIj3d49T/_bisect.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/nacl/_sodium.abi3.so
/tmp/_MEIj3d49T/_codecs_jp.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_sha1.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/libtinfo.so.5
/tmp/_MEIj3d49T/array.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/fcntl.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_opcode.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_json.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/libcrypto.so.1.1
/tmp/_MEIj3d49T/_pickle.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/lib/python3.7/config-3.7m-x86_64-linux-gnu/Makefile
/tmp/_MEIj3d49T/jsonschema/schemas/draft3.json
/tmp/_MEIj3d49T/jsonschema/schemas/draft4.json
/tmp/_MEIj3d49T/jsonschema/schemas/draft6.json
/tmp/_MEIj3d49T/jsonschema/schemas/draft7.json
/tmp/_MEIj3d49T/_queue.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_asyncio.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_contextvars.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_lzma.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/termios.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/certifi/cacert.pem
/tmp/_MEIj3d49T/_struct.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_codecs_hk.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_uuid.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_hashlib.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/libreadline.so.7
/tmp/_MEIj3d49T/libpython3.7m.so.1.0
/tmp/_MEIj3d49T/libexpat.so.1
/tmp/_MEIj3d49T/liblzma.so.5
/tmp/_MEIj3d49T/libz.so.1
/tmp/_MEIj3d49T/libssl.so.1.1
/tmp/_MEIj3d49T/_codecs_tw.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_blake2.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/math.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_codecs_cn.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_ctypes.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_datetime.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_sha512.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/pyexpat.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_codecs_kr.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/AUTHORS.rst
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/WHEEL
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/RECORD
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/top_level.txt
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/METADATA
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/LICENSE.APACHE
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/REQUESTED
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/LICENSE.BSD
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/LICENSE.PSF
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/INSTALLER
/tmp/_MEIj3d49T/cryptography-3.0-py3.7.egg-info/LICENSE
/tmp/_MEIj3d49T/pvectorc.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_socket.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/bcrypt/_bcrypt.abi3.so
/tmp/_MEIj3d49T/_multiprocessing.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_md5.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/include/python3.7m/pyconfig.h
/tmp/_MEIj3d49T/resource.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/mmap.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/grp.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/_decimal.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/select.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/jsonschema-3.2.0-py3.7.egg-info/WHEEL
/tmp/_MEIj3d49T/jsonschema-3.2.0-py3.7.egg-info/RECORD
/tmp/_MEIj3d49T/jsonschema-3.2.0-py3.7.egg-info/top_level.txt
/tmp/_MEIj3d49T/jsonschema-3.2.0-py3.7.egg-info/METADATA
/tmp/_MEIj3d49T/jsonschema-3.2.0-py3.7.egg-info/COPYING
/tmp/_MEIj3d49T/jsonschema-3.2.0-py3.7.egg-info/REQUESTED
/tmp/_MEIj3d49T/jsonschema-3.2.0-py3.7.egg-info/entry_points.txt
/tmp/_MEIj3d49T/jsonschema-3.2.0-py3.7.egg-info/INSTALLER
/tmp/_MEIj3d49T/zlib.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/libuuid.so.1
/tmp/_MEIj3d49T/importlib_metadata-2.0.0-py3.7.egg-info/WHEEL
/tmp/_MEIj3d49T/importlib_metadata-2.0.0-py3.7.egg-info/RECORD
/tmp/_MEIj3d49T/importlib_metadata-2.0.0-py3.7.egg-info/top_level.txt
/tmp/_MEIj3d49T/importlib_metadata-2.0.0-py3.7.egg-info/METADATA
/tmp/_MEIj3d49T/importlib_metadata-2.0.0-py3.7.egg-info/INSTALLER
/tmp/_MEIj3d49T/importlib_metadata-2.0.0-py3.7.egg-info/LICENSE
/tmp/_MEIj3d49T/_csv.cpython-37m-x86_64-linux-gnu.so
/tmp/_MEIj3d49T/libffi.so.6

我跑了lynisrkhunter但他们没有报告此事。我如何知道我是否确实安装了此 Rootkit?

答案1

下的可执行文件/tmp将被标记Linux.Xor.DDoSchkrootkit.尝试一下:

touch /tmp/test.sh
chmod +x /tmp/test.sh
sudo chkrootkit

答案2

这是由于安装了docker-compose,请参阅https://github.com/docker/compose/issues/4388

这是因为使用https://pyinstaller.org/

您可以删除该目录。

这是误报。

相关内容