Find the answer to your Linux question:
Results 1 to 3 of 3
Hey friends, I have a few warnings (no rootkits found) that i was wondering how i could fix to make my box more secure ... [Warning Hidden Files] /dev/.started /dev/.udevdb ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2005
    Posts
    42

    RK Hunter Results


    Hey friends,

    I have a few warnings (no rootkits found) that i was wondering how i could fix to make my box more secure ...

    [Warning Hidden Files]
    /dev/.started
    /dev/.udevdb /etc/.kstylerc.lock
    /etc/.pwd.lock
    /etc/.qt_plugins_3.3rc.lock
    /etc/.qtrc.lock

    ---------------
    Please inspect: /dev/.udevdb (directory)

    I inspected the directory - seemed to be KDE theme files and information - possibly wrongly installed by me? (couldn't locate the pwd.lock file)


    - OpenSSH 3.6.1p2 [ Vulnerable ]
    Can i update this version? ... or turn it off?


    Checking for allowed protocols... [ Warning ]
    info: Users can use SSH1-protocol.
    Same question by me as above.

    thanks for any info.

  2. #2
    Linux Enthusiast puntmuts's Avatar
    Join Date
    Dec 2004
    Location
    Republic Banana
    Posts
    562
    The hidden files warning look harmless to me. I do not prefer to have temporary files written to /etc but that is a matter of taste. The .udevdb dir is a database with devices and is used by udev.

    OpenSSH should be updated and your distro has probably a package for it. So check their site for updates. Howto disable openssh is dependant on what Linux distro you are using. Most Linux distributions come with tools to do that.

    To disable v1 logins edit the sshd_config file and Remove the 1 from the protocols line. Should be :
    Code:
    Protocol 2

  3. #3
    Just Joined!
    Join Date
    May 2005
    Posts
    42
    Thanks ... got SSH updated to 3.9. - I used the Synaptic Package Manager.
    RK Hunter isn't a half bad security analyzer - even if one knows they don't have a rootkit

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •