** Starting Rootcheck v2.0 by Third Brigade **
** http://www.ossec.net/en/about.html#dev-team **
** http://www.ossec.net/rootcheck/ **

Be patient, it may take a few minutes to complete...

[INFO]: Starting rootcheck scan.

[OK]: No presence of public rootkits detected. Analyzed 269 files.

[OK]: No binaries with any trojan detected. Analyzed 79 files.

[INFO]: System Audit: Web exploits (uncommon file name inside htdocs) - Possible compromise. File: /var/www/vhosts/chroot/bin/id. Reference: http://www.ossec.net/wiki/index.php/WebAttacks_links .

[OK]: No problem detected on the /dev directory. Analyzed 241 files

[FAILED]: File '/var/www/vhosts/chroot/bin/ls' is:
- owned by root,
- has written permissions to anyone.

[OK]: No hidden process by Kernel-level rootkits.
/bin/ps is not trojaned. Analyzed 32768 processes.

[OK]: No kernel-level rootkit hiding any port.
Netstat is acting correctly. Analyzed 131072 ports.



[OK]: No problem detected on ifconfig/ifs. Analyzed 3 interfaces.


- Scan completed in 62 seconds.