Find the answer to your Linux question:
Results 1 to 7 of 7
I just installed and ran rkhunter, and I got a result I'm a little unsure about. During the filesystem check it said that it was checking for hidden files and ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Guru smolloy's Avatar
    Join Date
    Apr 2005
    Location
    CA, but from N.Ireland
    Posts
    2,414

    Running rkhunter for the first time


    I just installed and ran rkhunter, and I got a result I'm a little unsure about. During the filesystem check it said that it was checking for hidden files and it told me to inspect /dev/.udev.

    I had a look around inside it and didn't find anything suspicious, but then what would I know! I've tried to post what I found here, but for some dumb reason copy and paste by clicking both mouse buttons has decided to stop working

    Anyway -- does anyone have any ideas about the rkhunter output?
    Registered Linux user #388328 || Registered LFS user #15880
    AMD 64 X2 4600+ :: 2X1GB DDR2 800 :: GeForce 9400 GT 512MB :: ASUS M2N32 Deluxe :: 4X250GB SATAII
    Need instant help? Try us on IRC -- #linuxforums on freenode

  2. #2
    Linux Guru fingal's Avatar
    Join Date
    Jul 2003
    Location
    Birmingham - UK
    Posts
    1,539
    It's probably not much to worry about. To copy and paste are you able to highlight the output and select 'Copy' as a menu option from the top of the Bash environment (I'm assuming Bash ... maybe you prefer Sh?)

    rkhunter is quite good at producing alarming output ... Actually it's very useful and can highlight system vulnerabilities you wouldn't otherwise know about ... but it can also scare the pants of you.

    You might try pasting some of the output into Google between a " " to see if that provides illumination.
    I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso

  3. #3
    Super Moderator devils casper's Avatar
    Join Date
    Jun 2006
    Location
    Chandigarh, India
    Posts
    24,729
    Quote Originally Posted by smolloy
    During the filesystem check it said that it was checking for hidden files and it told me to inspect /dev/.udev
    same warning message in my box. there are two more folders listed having name starting with dot.
    i checked /dev folder but nothing was suspicious and i ignored these warnings. i am not in Linux box right now. i will check it again. do let me know if you find any info regarding this. i will also google about it.



    Casper
    It is amazing what you can accomplish if you do not care who gets the credit.
    New Users: Read This First

  4. $spacer_open
    $spacer_close
  5. #4
    Trusted Penguin Dapper Dan's Avatar
    Join Date
    Oct 2004
    Location
    The Sovereign State of South Carolina
    Posts
    4,630
    I'm with fingal and devils_casper on this, nothing to worry about. I get that one too along with other hidden files in /etc and /dev. I check them from time to time and they are just empty files with no text. Another thing about RKhunter: No matter how up to date my openssl is, it always shows that it as vulnerable! Haven't figured that one out yet. RKHunter is a great Linux app.
    Linux Mint + IceWM Registered: #371367 New Members: click here

  6. #5
    Linux Guru fingal's Avatar
    Join Date
    Jul 2003
    Location
    Birmingham - UK
    Posts
    1,539
    Quote Originally Posted by Dapper Dan
    Another thing about RKhunter: No matter how up to date my openssl is, it always shows that it as vulnerable! Haven't figured that one out yet. RKHunter is a great Linux app.
    Ah! Now that really is interesting ... I get the same message about OpenSSL and it had been worrying me! Now I'm not worried, so I'm pleased I read this.
    I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso

  7. #6
    Linux Guru smolloy's Avatar
    Join Date
    Apr 2005
    Location
    CA, but from N.Ireland
    Posts
    2,414
    Thanks guys. It's good to know that all's safe and sound with my server!
    Registered Linux user #388328 || Registered LFS user #15880
    AMD 64 X2 4600+ :: 2X1GB DDR2 800 :: GeForce 9400 GT 512MB :: ASUS M2N32 Deluxe :: 4X250GB SATAII
    Need instant help? Try us on IRC -- #linuxforums on freenode

  8. #7
    Linux Engineer Thrillhouse's Avatar
    Join Date
    Jun 2006
    Location
    Arlington, VA, USA
    Posts
    1,377
    While we're on the subject, I get a bunch of bad MD5 checksums on my system tools, 23 out of 52 in fact, when running rkhunter. I didn't think it would be a big deal but is there something I should do about them? I tried running rkhunter --update but that didn't seem to do much. I've looked around the internet for the same problem and it seems like some people have encountered it but just don't do anything about it. So should I just ignore them?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •