The files listed here were found in some infected/owned machines. They are not part of any rootkit, but some “crackers” use them. They can be a log of some sniffer, a sniffer or a lot of other things.
Take a careful look if you find any of these files in your system.
N/A
N/A
etc/rc.d/init.d/rc.modules
lib/ldd.so
usr/man/muie
usr/X11R6/include/pain
usr/bin/sourcemask
usr/bin/ras2xm
usr/bin/ddc
usr/bin/jdc
usr/sbin/in.telnet
sbin/vobiscum
usr/sbin/jcd
usr/sbin/atd2
usr/bin/ishit
usr/bin/.etc
usr/bin/xstat
var/run/.tmp
usr/man/man1/lib/.lib
usr/man/man2/.man8
var/run/.pid
lib/.so
lib/.fx
lib/lblip.tk
usr/lib/.fx
var/local/.lpd
dev/rd/cdb
dev/.rd/
usr/lib/pt07
usr/bin/atm
tmp/.cheese
dev/.arctic
dev/.xman
dev/srd0
dev/ptyzx
dev/ptyzg
dev/xdf1
dev/ttyop
dev/ttyof
dev/hd5
dev/hd6
dev/hd7
dev/hdx1
dev/hdx2
dev/xdf2
dev/ptyp
dev/ptyr
*/.src
*last.cgi
*nobody.cgi
*void.cgi
*all4one.cgi
*xntps
*/.xman
*/.arctic
*psybnc
*mech.session
*sshdu
Note
All files with an “*” need to be search in all system