  1. #1
    Just Joined! dmk06's Avatar
    Join Date
    Jun 2010
    Location
    San Diego
    Posts
    37

    rkhunter suspect files and applications?

    Is this normal?
    Suspect applications: 2
    Suspect files: 7

    Code:
    [09:53:29] /bin/dmesg                                        [ Warning ]
    [09:53:29] Warning: The file properties have changed:
    [09:53:29]          File: /bin/dmesg
    [09:53:30]          Current inode: 853679    Stored inode: 853739
    [09:53:40] /bin/logger                                       [ Warning ]
    [09:53:40] Warning: The file properties have changed:
    [09:53:40]          File: /bin/logger
    [09:53:40]          Current inode: 853732    Stored inode: 853722
    
    [09:53:48] /bin/more                                         [ Warning ]
    [09:53:48] Warning: The file properties have changed:
    [09:53:48]          File: /bin/more
    [09:53:48]          Current inode: 853722    Stored inode: 853723
    [09:53:48] /bin/mount                                        [ Warning ]
    [09:53:49] Warning: The file properties have changed:
    [09:53:49]          File: /bin/mount
    [09:53:49]          Current inode: 853723    Stored inode: 853724
    
    [09:54:54] /usr/bin/whereis                                  [ Warning ]
    [09:54:54] Warning: The file properties have changed:
    [09:54:54]          File: /usr/bin/whereis
    [09:54:54]          Current inode: 912529    Stored inode: 912530
    [09:54:54] /usr/bin/which                                    [ Warning ]
    [09:54:54] Warning: The file properties have changed:
    [09:54:54]          File: /usr/bin/which
    [09:54:54]          Current inode: 912530    Stored inode: 912535
    
    [09:55:04] /sbin/nologin                                     [ Warning ]
    [09:55:05] Warning: The file properties have changed:
    [09:55:05]          File: /sbin/nologin
    [09:55:05]          Current inode: 1075383    Stored inode: 1075384
    [.....]
    [11:08:22] Performing filesystem checks
    [11:08:22] Info: Starting test name 'filesystem'
    [11:08:22] Info: SCAN_MODE_DEV set to 'THOROUGH'
    [11:08:22] Info: Found file '/dev/shm/pulse-shm-896989103': it is whitelisted.
    [11:08:22] Info: Found file '/dev/shm/pulse-shm-3086050036': it is whitelisted.
    [11:08:22] Info: Found file '/dev/shm/sysconfig/new-stamp-6': it is whitelisted.
    [11:08:22] Info: Found file '/dev/shm/sysconfig/new-stamp-5': it is whitelisted.
    [11:08:22] Info: Found file '/dev/shm/sysconfig/config-lo': it is whitelisted.
    [11:08:22] Info: Found file '/dev/shm/sysconfig/new-stamp-4': it is whitelisted.
    [11:08:22] Info: Found file '/dev/shm/sysconfig/config-eth0': it is whitelisted.
    [11:08:22] Info: Found file '/dev/shm/sysconfig/new-stamp-2': it is whitelisted.
    [11:08:22]   Checking /dev for suspicious file types         [ Warning ]
    [11:08:22] Warning: Suspicious file types found in /dev:
    [11:08:22]          /dev/shm/sysconfig/config-wlan0: ASCII text
    [11:08:23] Info: Found hidden directory '/dev/.udev': it is whitelisted.
    [11:08:23]   Checking for hidden files and directories       [ None found ]
    [11:08:32]
    [11:08:32] Checking application versions...
    [11:08:32] Info: Starting test name 'apps'
    [11:08:34] Info: Application 'exim' not found.
    [11:08:34]   Checking version of GnuPG                       [ OK ]
    [11:08:34] Info: Application 'gpg' version '2.0.9' found.
    [11:08:34] Info: Application 'httpd' not found.
    [11:08:34] Info: Application 'named' not found.
    [11:08:34]   Checking version of OpenSSL                     [ Warning ]
    [11:08:34] Warning: Application 'openssl', version '0.9.8h', is out of date, and possibly a security risk.
    [11:08:34]   Checking version of PHP                         [ OK ]
    [11:08:34] Info: Application 'php' version '5.2.13' found.
    [11:08:34]   Checking version of Procmail MTA                [ OK ]
    [11:08:34] Info: Application 'procmail' version '3.22' found.
    [11:08:34] Info: Application 'proftpd' not found.
    [11:08:35]   Checking version of OpenSSH                     [ Warning ]
    [11:08:35] Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a security risk.
    [11:08:35] Info: Applications checked: 5 out of 9
    [11:08:35]
    [11:08:35] System checks summary
    [11:08:35] =====================
    [11:08:35]
    [11:08:35] File properties checks...
    [11:08:35] Files checked: 144
    [11:08:35] Suspect files: 7
    [11:08:35]
    [11:08:35] Rootkit checks...
    [11:08:35] Rootkits checked : 245
    [11:08:35] Possible rootkits: 0
    [11:08:35]
    [11:08:35] Applications checks...
    [11:08:35] Applications checked: 5
    [11:08:35] Suspect applications: 2
    [11:08:35]
    Code:
    /dev # ls -la
    total 4
    drwxr-xr-x  13 root root      4680 2010-06-10 11:42 .
    drwxr-xr-x  24 root root      4096 2010-06-10 11:41 ..
    crw-rw----+  1 root audio  14,  12 2010-06-10 11:42 adsp
    crw-------   1 root video  10, 175 2010-06-10 04:41 agpgart
    crw-rw----+  1 root audio  14,   4 2010-06-10 11:42 audio
    prw-------   1 root root         0 2010-06-10 11:42 blog
    prw-------   1 root root         0 2010-06-10 11:42 bootsplash
    drwxr-xr-x   2 root root        80 2010-06-10 04:41 bsg
    drwxr-xr-x   3 root root        60 2010-06-10 04:41 bus
    lrwxrwxrwx   1 root root         3 2010-06-10 04:41 cdrom -> sr0
    lrwxrwxrwx   1 root root         3 2010-06-10 04:41 cdrw -> sr0
    crw-------   1 root root    5,   1 2009-04-14 03:16 console
    lrwxrwxrwx   1 root root        11 2010-06-10 04:41 core -> /proc/kcore
    crw-rw----   1 root root   10,  63 2010-06-10 04:41 cpu_dma_latency
    crw-rw----   1 root root   10,  60 2010-06-10 11:41 device-mapper
    drwxr-xr-x   6 root root       120 2010-06-10 04:41 disk
    drwxr-xr-x   2 root root        60 2010-06-10 11:42 dri
    crw-rw----+  1 root audio  14,   3 2010-06-10 11:42 dsp
    lrwxrwxrwx   1 root root         3 2010-06-10 04:41 dvd -> sr0
    lrwxrwxrwx   1 root root         3 2010-06-10 04:41 fb -> fb0
    crw-rw----   1 root video  29,   0 2010-06-10 04:41 fb0
    lrwxrwxrwx   1 root root        13 2010-06-10 04:41 fd -> /proc/self/fd
    crw-rw-rw-   1 root root    1,   7 2010-06-10 04:41 full
    crw-rw-rw-   1 root root   10, 229 2010-06-10 11:41 fuse
    crw-rw----   1 root root   10, 200 2009-04-14 03:16 fwmonitor
    crw-rw----   1 root root  180,  96 2010-06-10 04:41 hiddev0
    crw-rw----   1 root root  251,   0 2010-06-10 04:41 hidraw0
    crw-rw----   1 root root  251,   1 2010-06-10 04:41 hidraw1
    crw-rw----   1 root root   10, 228 2010-06-10 04:41 hpet
    prw-------   1 root root         0 2010-06-10 04:41 initctl
    drwxr-xr-x   4 root root       400 2010-06-10 04:41 input
    crw-r-----   1 root kmem    1,   2 2010-06-10 04:41 kmem
    crw-rw----   1 root root    1,  11 2009-04-14 03:16 kmsg
    srw-rw-rw-   1 root root         0 2010-06-10 11:41 log
    brw-rw----   1 root disk    7,   0 2010-06-10 11:41 loop0
    brw-rw----   1 root disk    7,   1 2010-06-10 11:41 loop1
    brw-rw----   1 root disk    7,   2 2010-06-10 11:41 loop2
    brw-rw----   1 root disk    7,   3 2010-06-10 11:41 loop3
    brw-rw----   1 root disk    7,   4 2010-06-10 11:41 loop4
    brw-rw----   1 root disk    7,   5 2010-06-10 11:41 loop5
    brw-rw----   1 root disk    7,   6 2010-06-10 11:41 loop6
    brw-rw----   1 root disk    7,   7 2010-06-10 11:41 loop7
    crw-rw----   1 root lp      6,   0 2009-04-14 03:16 lp0
    drwxr-xr-x   2 root root        60 2010-06-10 11:41 mapper
    brw-r-----   1 root disk    9,   0 2009-03-17 16:29 md0
    brw-r-----   1 root disk    9,   1 2009-03-17 16:29 md1
    brw-r-----   1 root disk    9,  10 2009-03-17 16:29 md10
    brw-r-----   1 root disk    9,  11 2009-03-17 16:29 md11
    brw-r-----   1 root disk    9,  12 2009-03-17 16:29 md12
    brw-r-----   1 root disk    9,  13 2009-03-17 16:29 md13
    brw-r-----   1 root disk    9,  14 2009-03-17 16:29 md14
    brw-r-----   1 root disk    9,  15 2009-03-17 16:29 md15
    brw-r-----   1 root disk    9,  16 2009-03-17 16:29 md16
    brw-r-----   1 root disk    9,  17 2009-03-17 16:29 md17
    brw-r-----   1 root disk    9,  18 2009-03-17 16:29 md18
    brw-r-----   1 root disk    9,  19 2009-03-17 16:29 md19
    brw-r-----   1 root disk    9,   2 2009-03-17 16:29 md2
    brw-r-----   1 root disk    9,  20 2009-03-17 16:29 md20
    brw-r-----   1 root disk    9,  21 2009-03-17 16:29 md21
    brw-r-----   1 root disk    9,  22 2009-03-17 16:29 md22
    brw-r-----   1 root disk    9,  23 2009-03-17 16:29 md23
    brw-r-----   1 root disk    9,  24 2009-03-17 16:29 md24
    brw-r-----   1 root disk    9,  25 2009-03-17 16:29 md25
    brw-r-----   1 root disk    9,  26 2009-03-17 16:29 md26
    brw-r-----   1 root disk    9,  27 2009-03-17 16:29 md27
    brw-r-----   1 root disk    9,  28 2009-03-17 16:29 md28
    brw-r-----   1 root disk    9,  29 2009-03-17 16:29 md29
    brw-r-----   1 root disk    9,   3 2009-03-17 16:29 md3
    brw-r-----   1 root disk    9,  30 2009-03-17 16:29 md30
    brw-r-----   1 root disk    9,  31 2009-03-17 16:29 md31
    brw-r-----   1 root disk    9,   4 2009-03-17 16:29 md4
    brw-r-----   1 root disk    9,   5 2009-03-17 16:29 md5
    brw-r-----   1 root disk    9,   6 2009-03-17 16:29 md6
    brw-r-----   1 root disk    9,   7 2009-03-17 16:29 md7
    brw-r-----   1 root disk    9,   8 2009-03-17 16:29 md8
    brw-r-----   1 root disk    9,   9 2009-03-17 16:29 md9
    crw-r-----   1 root kmem    1,   1 2010-06-10 04:41 mem
    crw-rw----+  1 root audio  14,   0 2010-06-10 11:42 mixer
    drwxr-xr-x   2 root root        60 2010-05-05 02:08 net
    crw-rw----   1 root root   10,  62 2010-06-10 04:41 network_latency
    crw-rw----   1 root root   10,  61 2010-06-10 04:41 network_throughput
    crw-rw-rw-   1 root root    1,   3 2009-04-14 03:16 null
    crw-rw----   1 root root    1,  12 2010-06-10 04:41 oldmem
    crw-rw----   1 root root  254,   0 2010-06-10 04:41 perfmonctl
    crw-r-----   1 root kmem    1,   4 2010-06-10 04:41 port
    crw-rw----   1 root root  108,   0 2009-04-14 03:16 ppp
    crw-rw----   1 root root   10,   1 2010-06-10 04:41 psaux
    crw-rw-rw-   1 root tty     5,   2 2010-06-10 12:04 ptmx
    drwxr-xr-x   2 root root         0 2010-06-10 04:41 pts
    crw-rw-rw-   1 root root    1,   8 2010-06-10 04:41 random
    lrwxrwxrwx   1 root root         4 2010-06-10 04:41 root -> sda6
    crw-rw----   1 root root   36,   0 2009-04-14 03:16 route
    lrwxrwxrwx   1 root root         4 2010-06-10 04:41 rtc -> rtc0
    crw-r--r--   1 root root  250,   0 2010-06-10 04:41 rtc0
    lrwxrwxrwx   1 root root         3 2010-06-10 04:41 scd0 -> sr0
    brw-rw----   1 root disk    8,   0 2010-06-10 04:41 sda
    brw-rw----   1 root disk    8,   1 2010-06-10 04:41 sda1
    brw-rw----   1 root disk    8,   2 2010-06-10 04:41 sda2
    brw-rw----   1 root disk    8,   3 2010-06-10 04:41 sda3
    brw-rw----   1 root disk    8,   5 2010-06-10 04:41 sda5
    brw-rw----   1 root disk    8,   6 2010-06-10 04:41 sda6
    brw-rw----   1 root disk    8,   7 2010-06-10 04:41 sda7
    brw-rw----   1 root disk    8,   8 2010-06-10 04:41 sda8
    brw-rw----   1 root disk    8,   9 2010-06-10 04:41 sda9
    crw-r-----   1 root disk   21,   0 2010-06-10 04:41 sg0
    crw-rw----+  1 root disk   21,   1 2010-06-10 04:41 sg1
    drwxrwxrwt   3 root root        80 2010-06-10 11:45 shm
    crw-rw----   1 root root   10, 200 2009-04-14 03:16 skip
    crw-rw----   1 root root   10, 231 2010-06-10 04:41 snapshot
    drwxr-xr-x   2 root root       240 2010-06-10 11:42 snd
    brw-rw----+  1 root disk   11,   0 2010-06-10 04:41 sr0
    lrwxrwxrwx   1 root root        15 2010-06-10 04:41 stderr -> /proc/self/fd/2
    lrwxrwxrwx   1 root root        15 2010-06-10 04:41 stdin -> /proc/self/fd/0
    lrwxrwxrwx   1 root root        15 2010-06-10 04:41 stdout -> /proc/self/fd/1
    crw-rw-rw-   1 root tty     5,   0 2009-04-14 03:16 tty
    crw--w----   1 root root    4,   0 2010-06-10 04:41 tty0
    crw-rw----   1 root tty     4,   1 2010-06-10 11:42 tty1
    crw--w----   1 root tty     4,  10 2010-06-10 11:49 tty10
    crw--w----   1 root tty     4,  11 2010-06-10 04:41 tty11
    crw--w----   1 root tty     4,  12 2010-06-10 04:41 tty12
    crw--w----   1 root tty     4,  13 2010-06-10 04:41 tty13
    crw--w----   1 root tty     4,  14 2010-06-10 04:41 tty14
    crw--w----   1 root tty     4,  15 2010-06-10 04:41 tty15
    crw--w----   1 root tty     4,  16 2010-06-10 04:41 tty16
    crw--w----   1 root tty     4,  17 2010-06-10 04:41 tty17
    crw--w----   1 root tty     4,  18 2010-06-10 04:41 tty18
    crw--w----   1 root tty     4,  19 2010-06-10 04:41 tty19
    crw-rw----   1 root tty     4,   2 2010-06-10 11:42 tty2
    crw--w----   1 root tty     4,  20 2010-06-10 04:41 tty20
    crw--w----   1 root tty     4,  21 2010-06-10 04:41 tty21
    crw--w----   1 root tty     4,  22 2010-06-10 04:41 tty22
    crw--w----   1 root tty     4,  23 2010-06-10 04:41 tty23
    crw--w----   1 root tty     4,  24 2010-06-10 04:41 tty24
    crw--w----   1 root tty     4,  25 2010-06-10 04:41 tty25
    crw--w----   1 root tty     4,  26 2010-06-10 04:41 tty26
    crw--w----   1 root tty     4,  27 2010-06-10 04:41 tty27
    crw--w----   1 root tty     4,  28 2010-06-10 04:41 tty28
    crw--w----   1 root tty     4,  29 2010-06-10 04:41 tty29
    crw-rw----   1 root tty     4,   3 2010-06-10 11:42 tty3
    crw--w----   1 root tty     4,  30 2010-06-10 04:41 tty30
    crw--w----   1 root tty     4,  31 2010-06-10 04:41 tty31
    crw--w----   1 root tty     4,  32 2010-06-10 04:41 tty32
    crw--w----   1 root tty     4,  33 2010-06-10 04:41 tty33
    crw--w----   1 root tty     4,  34 2010-06-10 04:41 tty34
    crw--w----   1 root tty     4,  35 2010-06-10 04:41 tty35
    crw--w----   1 root tty     4,  36 2010-06-10 04:41 tty36
    crw--w----   1 root tty     4,  37 2010-06-10 04:41 tty37
    crw--w----   1 root tty     4,  38 2010-06-10 04:41 tty38
    crw--w----   1 root tty     4,  39 2010-06-10 04:41 tty39
    crw-rw----   1 root tty     4,   4 2010-06-10 11:42 tty4
    crw--w----   1 root tty     4,  40 2010-06-10 04:41 tty40
    crw--w----   1 root tty     4,  41 2010-06-10 04:41 tty41
    crw--w----   1 root tty     4,  42 2010-06-10 04:41 tty42
    crw--w----   1 root tty     4,  43 2010-06-10 04:41 tty43
    crw--w----   1 root tty     4,  44 2010-06-10 04:41 tty44
    crw--w----   1 root tty     4,  45 2010-06-10 04:41 tty45
    crw--w----   1 root tty     4,  46 2010-06-10 04:41 tty46
    crw--w----   1 root tty     4,  47 2010-06-10 04:41 tty47
    crw--w----   1 root tty     4,  48 2010-06-10 04:41 tty48
    crw--w----   1 root tty     4,  49 2010-06-10 04:41 tty49
    crw-rw----   1 root tty     4,   5 2010-06-10 11:42 tty5
    crw--w----   1 root tty     4,  50 2010-06-10 04:41 tty50
    crw--w----   1 root tty     4,  51 2010-06-10 04:41 tty51
    crw--w----   1 root tty     4,  52 2010-06-10 04:41 tty52
    crw--w----   1 root tty     4,  53 2010-06-10 04:41 tty53
    crw--w----   1 root tty     4,  54 2010-06-10 04:41 tty54
    crw--w----   1 root tty     4,  55 2010-06-10 04:41 tty55
    crw--w----   1 root tty     4,  56 2010-06-10 04:41 tty56
    crw--w----   1 root tty     4,  57 2010-06-10 04:41 tty57
    crw--w----   1 root tty     4,  58 2010-06-10 04:41 tty58
    crw--w----   1 root tty     4,  59 2010-06-10 04:41 tty59
    crw-rw----   1 root tty     4,   6 2010-06-10 11:42 tty6
    crw--w----   1 root tty     4,  60 2010-06-10 04:41 tty60
    crw--w----   1 root tty     4,  61 2010-06-10 04:41 tty61
    crw--w----   1 root tty     4,  62 2010-06-10 04:41 tty62
    crw--w----   1 root tty     4,  63 2010-06-10 04:41 tty63
    crw--w----   1 root tty     4,   7 2010-06-10 04:41 tty7
    crw--w----   1 root tty     4,   8 2010-06-10 04:41 tty8
    crw--w----   1 root tty     4,   9 2010-06-10 04:41 tty9
    crw-rw----   1 root uucp    4,  64 2009-04-14 03:16 ttyS0
    crw-rw----   1 root uucp    4,  65 2009-04-14 03:16 ttyS1
    crw-rw----   1 root uucp    4,  66 2009-04-14 03:16 ttyS2
    crw-rw----   1 root uucp    4,  67 2009-04-14 03:16 ttyS3
    crw-rw----   1 root uucp    4,  68 2009-04-14 03:16 ttyS4
    crw-rw----   1 root uucp    4,  69 2009-04-14 03:16 ttyS5
    crw-rw----   1 root uucp    4,  70 2009-04-14 03:16 ttyS6
    crw-rw----   1 root uucp    4,  71 2009-04-14 03:16 ttyS7
    drwxr-xr-x   5 root root       120 2010-06-10 11:42 .udev
    crw-rw-rw-   1 root root    1,   9 2010-06-10 11:41 urandom
    crw-rw----   1 root root  252,   1 2010-06-10 04:41 usbdev1.1_ep00
    crw-rw----   1 root root  252,   0 2010-06-10 04:41 usbdev1.1_ep81
    crw-rw----   1 root root  252,   3 2010-06-10 04:41 usbdev2.1_ep00
    crw-rw----   1 root root  252,   2 2010-06-10 04:41 usbdev2.1_ep81
    crw-rw----   1 root root  252,   5 2010-06-10 04:41 usbdev3.1_ep00
    crw-rw----   1 root root  252,   4 2010-06-10 04:41 usbdev3.1_ep81
    crw-rw----   1 root root  252,   7 2010-06-10 04:41 usbdev4.1_ep00
    crw-rw----   1 root root  252,   6 2010-06-10 04:41 usbdev4.1_ep81
    crw-rw----   1 root root  252,   9 2010-06-10 04:41 usbdev5.1_ep00
    crw-rw----   1 root root  252,   8 2010-06-10 04:41 usbdev5.1_ep81
    crw-rw----   1 root root  252,  14 2010-06-10 04:41 usbdev5.2_ep00
    crw-rw----   1 root root  252,  12 2010-06-10 04:41 usbdev5.2_ep81
    crw-rw----   1 root root  252,  13 2010-06-10 04:41 usbdev5.2_ep82
    crw-rw----   1 root root  252,  11 2010-06-10 04:41 usbdev6.1_ep00
    crw-rw----   1 root root  252,  10 2010-06-10 04:41 usbdev6.1_ep81
    crw-rw----   1 root root  252,  16 2010-06-10 04:41 usbdev7.1_ep00
    crw-rw----   1 root root  252,  15 2010-06-10 04:41 usbdev7.1_ep81
    crw-rw----   1 root tty     7,   0 2010-06-10 04:41 vcs
    crw-rw----   1 root tty     7,   1 2010-06-10 04:41 vcs1
    crw-rw----   1 root tty     7,  10 2010-06-10 11:41 vcs10
    crw-rw----   1 root tty     7,   2 2010-06-10 11:42 vcs2
    crw-rw----   1 root tty     7,   3 2010-06-10 11:42 vcs3
    crw-rw----   1 root tty     7,   4 2010-06-10 11:42 vcs4
    crw-rw----   1 root tty     7,   5 2010-06-10 11:42 vcs5
    crw-rw----   1 root tty     7,   6 2010-06-10 11:42 vcs6
    crw-rw----   1 root tty     7,   7 2010-06-10 11:42 vcs7
    crw-rw----   1 root tty     7, 128 2010-06-10 04:41 vcsa
    crw-rw----   1 root tty     7, 129 2010-06-10 04:41 vcsa1
    crw-rw----   1 root tty     7, 138 2010-06-10 11:41 vcsa10
    crw-rw----   1 root tty     7, 130 2010-06-10 11:42 vcsa2
    crw-rw----   1 root tty     7, 131 2010-06-10 11:42 vcsa3
    crw-rw----   1 root tty     7, 132 2010-06-10 11:42 vcsa4
    crw-rw----   1 root tty     7, 133 2010-06-10 11:42 vcsa5
    crw-rw----   1 root tty     7, 134 2010-06-10 11:42 vcsa6
    crw-rw----   1 root tty     7, 135 2010-06-10 11:42 vcsa7
    crw-rw----   1 root root   10,  59 2010-06-10 11:41 vmci
    crw-rw----   1 root root   10, 165 2010-06-10 11:41 vmmon
    crw-------   1 root root  119,   0 2010-06-10 11:41 vmnet0
    crw-------   1 root root  119,   1 2010-06-10 11:41 vmnet1
    crw-------   1 root root  119,   8 2010-06-10 11:41 vmnet8
    crw-rw-rw-   1 root root   10,  58 2010-06-10 11:41 vsock
    crw-rw----   1 root root   10, 130 2009-04-14 03:16 watchdog
    prw-------   1 root tty          0 2010-06-10 11:49 xconsole
    lrwxrwxrwx   1 root root         4 2010-06-10 04:41 XOR -> null
    crw-rw-rw-   1 root root    1,   5 2009-04-14 03:16 zero
    Code:
    /dev/.udev # ls -la
    total 4
    drwxr-xr-x   5 root root  120 2010-06-10 11:42 .
    drwxr-xr-x  13 root root 4680 2010-06-10 11:42 ..
    drwxr-xr-x   2 root root 4040 2010-06-10 11:42 db
    drwxr-xr-x 266 root root 5320 2010-06-10 11:42 names
    drwxr-xr-x   2 root root   60 2010-06-10 04:41 rules.d
    -rw-r--r--   1 root root    5 2010-06-10 11:42 uevent_seqnum
    chkrootkit always comes back okay but since installing rkhunter I've been wondering if everything is okay. Any help is appreciated, thanks.
    (I'm guessing the suspect applications are OpenSSH & OpenSSL b/c they are outdated but zypper tells me they're up-to-date?)

  2. #2
    Just Joined! dmk06's Avatar
    Join Date
    Jun 2010
    Location
    San Diego
    Posts
    37
    I'm guessing that rkhunter doesn't fully support SUSE:
    3.2) Rootkit Hunter tells me that I have an out-of-date or unsecure
    application installed. But I have fully patched my server!
    How is this possible?

    A. Some distributions, for example Red Hat and OpenBSD, do patch
    old versions of software. However, Rootkit Hunter thinks it is
    an old version, and so sees it as being unsecure.

    It is possible to whitelist specific applications, or specific
    versions of an application. The configuration file contains more
    details about this.

    If you wish you can skip the application version check completely
    by adding the 'apps' test name to the DISABLE_TESTS option in your
    rkhunter configuration file.
    Since chkrootkit looks okay and I installed it before rkhunter, I'll go with the output from chkrootkit.
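A triage helper for a log like the one in this thread, added here as an example (it is not part of the original posts or of rkhunter): it separates file-property warnings where only metadata such as the inode differs from those where the hash or size differs, and collects the flagged application versions. The sample log is constructed in the thread's layout, `/bin/example` and its hash lines are invented, and the `name:version` output form for the application whitelist is an assumption to check against the comments in your own rkhunter configuration file.

```python
import re
import sys

# Constructed sample in the layout of the excerpt above; /bin/example and its
# hash lines are invented to show a content change.
SAMPLE_LOG = """\
[09:53:29] /bin/dmesg                                        [ Warning ]
[09:53:29] Warning: The file properties have changed:
[09:53:29]          File: /bin/dmesg
[09:53:30]          Current inode: 853679    Stored inode: 853739
[09:53:40] /bin/example                                      [ Warning ]
[09:53:40] Warning: The file properties have changed:
[09:53:40]          File: /bin/example
[09:53:40]          Current hash: aaaa
[09:53:40]          Stored hash : bbbb
[09:53:40]          Current inode: 853732    Stored inode: 853722
[11:08:34] Warning: Application 'openssl', version '0.9.8h', is out of date, and possibly a security risk.
[11:08:35] Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a security risk.
"""

FILE_RE = re.compile(r"^\[[\d:]+\]\s+File: (\S+)")
PROP_RE = re.compile(r"^\[[\d:]+\]\s+(Current|Stored) ([\w ]+?)\s*:")
APP_RE = re.compile(r"Warning: Application '([^']+)', version '([^']+)', is out of date")
CONTENT_PROPS = {"hash", "size"}  # properties that mean the bytes differ


def parse(log_text):
    """Return ({path: set of changed properties}, {app: flagged version})."""
    changed, apps, current = {}, {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:
            current = m.group(1)
            changed.setdefault(current, set())
            continue
        m = PROP_RE.match(line)
        if m and current:
            if m.group(1) == "Current":
                changed[current].add(m.group(2).lower())
            continue
        current = None  # any other line ends the current warning block
        m = APP_RE.search(line)
        if m:
            apps[m.group(1)] = m.group(2)
    return changed, apps


def triage(changed):
    """Split paths into (content changed, metadata only)."""
    content = sorted(p for p, props in changed.items() if props & CONTENT_PROPS)
    metadata = sorted(p for p, props in changed.items() if not props & CONTENT_PROPS)
    return content, metadata


def app_whitelist_value(apps):
    """Space-separated name:version pairs for the flagged applications."""
    return " ".join(f"{a}:{v}" for a, v in sorted(apps.items()))


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    changed, apps = parse(text)
    content, metadata = triage(changed)
    print("content changed (verify against the package manager):", content)
    print("metadata only:", metadata)
    print("flagged versions:", app_whitelist_value(apps))
```

Run against the thread's log, all seven suspect files would fall in the metadata-only group, since each warning lists an inode difference and nothing else.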
