RK Hunter Results

[Salient]

Hey friends,

I have a few warnings (no rootkits found) that i was wondering how i could fix to make my box more secure ...

[Warning Hidden Files]
/dev/.started
/dev/.udevdb /etc/.kstylerc.lock
/etc/.pwd.lock
/etc/.qt_plugins_3.3rc.lock
/etc/.qtrc.lock
---------------
Please inspect: /dev/.udevdb (directory)

I inspected the directory - seemed to be KDE theme files and information - possibly wrongly installed by me? (couldn't locate the pwd.lock file)


- OpenSSH 3.6.1p2 [ Vulnerable ]
Can i update this version? ... or turn it off?


Checking for allowed protocols... [ Warning ]
info: Users can use SSH1-protocol.
Same question by me as above.

thanks for any info.

[puntmuts]

The hidden files warning look harmless to me. I do not prefer to have temporary files written to /etc but that is a matter of taste. The .udevdb dir is a database with devices and is used by udev.

OpenSSH should be updated and your distro has probably a package for it. So check their site for updates. Howto disable openssh is dependant on what Linux distro you are using. Most Linux distributions come with tools to do that.

To disable v1 logins edit the sshd_config file and Remove the 1 from the protocols line. Should be :

Code:

Protocol 2

[Salient]

Thanks ... got SSH updated to 3.9. - I used the Synaptic Package Manager.
RK Hunter isn't a half bad security analyzer - even if one knows they don't have a rootkit