Lynis and rkhunter both work well… I could also get speedtest.net cli running. I’m not super good at Lynis, but I think it’s saying things are okay. And I’ve yet to find malware or rootkit with rkhunter. I hope to add a cronjob for rkhunter to update, then run at lease once every two weeks at midnight.
Update: I found (not sure if it’s accurate) evidence of the Mokes backdoor… Anyone who can validate this?
I think I will post my logs a little later today… I have a suspicion of the Android kernel from Xperia being the issue… Or, possibly since this device was bought used, there may have been a chance for a bad actor to do something to it… Irrespective, I think this needs a good set of eyes placed on it. I’m not sure if people ever considered to scan for malware with tools like Lynis and Rkhunter… Although, it could be a false-positive, and those do occur…
ClamAV does not currently function in 4.x that I know of. I think there is work being done to allow adapting to function on 4.x.
Stop doing things you don’t understand.
A bit blunt, but looking at the log shows that it found a lot of files (mostly in /dev/ that list off ASCII). I was just taking a look, but, it at least appears that it was a false alarm after all (especially since the utility (rkhunter) expressly stated within the backdoor list that Mokeswas not found
I won’t lie that I don’t understand much of it, but that’s how people learn. I see it as an opportunity to learn something new.
Lol.
rkhunter has in 15 years not once reported anything but false positives.
What are you trying to achieve?