%lin001w
A program installed in your system has probably been not installed
by a package of your Linux packaging system. If this binary has
been installed by the administrator note that /usr/local/ is the
place for this files.
%lin002i
Installed processes listening on Internet interfaces must be
tightly controlled since they are the "open doors" to the 
outside.
%lin003w
Processes that have not been run by root are listening on
interfaces open to the outside. This processes might have been
run by root and changed uids or might be rogue processes.
Confirm if their presence is necessary.
%lin004i
Netstat can be used instead of lsof in order to provide information
on listening processes, however it will provide less info since it
cannot determine the process (or PID) associated with the open socket
or the user that runs it.
%lin005e
In Debian systems, checksums are stored in /var/lib/dpkg/info/
if the md5sum of a file differs from the checksum of installed packages
it might be due to changes made by the system administrator (for
example, files in /etc) by everyday use of by a possible intruder
(who might have placed a trojan instead of the checked file)
Be forewarned, an attacker might have modified this info files
(they are not protected against this)
%lin006w
A file installed by a package no longer exists in the system and
cannot be checked for. An administrator should not remove files from
the system, they should be removed uninstalling the packages that
provided them. This is an unusual behavior.