- 04-08-2010 #1 Just Joined!
- Join Date
- Jul 2006
- Posts
- 36
Rkhunter warning
I just installed and ran rkhunter and got a couple warnings but I'm not sure if there's anything to be concerned about or not.
Here is the relevant part of the log:
Checking /dev for suspicious file types [ Warning ]
[05:26:59] Warning: Suspicious files found in /dev:
[05:26:59] /dev/shm/pulse-shm-2848739677: data
[05:26:59] /dev/shm/pulse-shm-1497110289: data
[05:26:59] /dev/shm/pulse-shm-4001711201: data
[05:26:59] /dev/shm/pulse-shm-3211331735: data
[05:27:00] Checking for hidden files and directories [ Warning ]
[05:27:00] Warning: Hidden directory found: /etc/.java
[05:27:00] Warning: Hidden directory found: /dev/.static
[05:27:01] Warning: Hidden directory found: /dev/.udev
[05:27:01] Warning: Hidden directory found: /dev/.initramfs
Thanks
- 04-08-2010 #2
Add the following line to your rkhunter config file:
ALLOWDEVFILE=/dev/shm/pulse-shm-*
Those files are specific to Ubuntu.
EDIT:
I forgot about the other files, check them out and see what you have there.
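Added example, not part of the original thread: a small shell function that reads an rkhunter log and prints candidate rkhunter.conf allowlist lines for review before anything is added to the config. It uses `ALLOWDEVFILE` as in the reply above and rkhunter's `ALLOWHIDDENDIR` option for the hidden-directory warnings; the function names and the embedded sample log (constructed from the lines quoted in the first post) are assumptions of this example.

```shell
#!/bin/sh
# Added example: turn rkhunter warnings into allowlist candidates for review.

# Constructed sample input, taken from the log lines quoted in the first post.
sample_log() {
cat <<'EOF'
[05:26:59] Warning: Suspicious files found in /dev:
[05:26:59] /dev/shm/pulse-shm-2848739677: data
[05:26:59] /dev/shm/pulse-shm-1497110289: data
[05:27:00] Checking for hidden files and directories [ Warning ]
[05:27:00] Warning: Hidden directory found: /etc/.java
[05:27:00] Warning: Hidden directory found: /dev/.static
[05:27:01] Warning: Hidden directory found: /dev/.udev
[05:27:01] Warning: Hidden directory found: /dev/.initramfs
EOF
}

# Read an rkhunter log on stdin and print one candidate config line per
# distinct finding. Nothing is written to rkhunter.conf: each line is a
# proposal to inspect (owner, contents, package) before it is accepted.
allowlist_candidates() {
    awk '
    # Header line: the entries that follow are flagged files under /dev
    /Warning: Suspicious files found in \/dev:/ { in_dev = 1; next }
    /Warning: Hidden directory found: / {
        in_dev = 0
        sub(/^.*Hidden directory found: /, "")
        print "ALLOWHIDDENDIR=" $0
        next
    }
    in_dev && /^\[[0-9:]+\] \/dev\// {
        path = $2
        sub(/:$/, "", path)          # drop the colon before the file type
        # PulseAudio segments end in a random number: collapse to one glob
        if (path ~ /^\/dev\/shm\/pulse-shm-[0-9]+$/)
            path = "/dev/shm/pulse-shm-*"
        print "ALLOWDEVFILE=" path
        next
    }
    # Any other line ends the /dev listing
    { in_dev = 0 }
    ' | LC_ALL=C sort -u
}

sample_log | allowlist_candidates
```

Paths containing spaces are not handled, since the parser takes the second whitespace-separated field as the path.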
- 04-09-2010 #3 Just Joined!
- Join Date
- Jul 2006
- Posts
- 36
hidden files revealed by rkhunter
Thanks claudiu,
Being waaaay out of my depth here, none of this means anything to me.
There are two files in /etc/.java:
/etc/.java/.systemPrefs/.system.lock
/etc/.java/.systemPrefs/.systemRootModFile
Here's the contents of /dev/.static
98 items in /dev
/dev/.static/dev/fd
/dev/.static/dev/pts
/dev/.static/dev/shm
/dev/.static/dev/agpgart
/dev/.static/dev/audio
/dev/.static/dev/audio1
/dev/.static/dev/audio2
/dev/.static/dev/audio3
/dev/.static/dev/audioctl
/dev/.static/dev/console
/dev/.static/dev/core
/dev/.static/dev/dsp
/dev/.static/dev/dsp1
/dev/.static/dev/dsp2
/dev/.static/dev/dsp3
/dev/.static/dev/full
/dev/.static/dev/i2c-0
/dev/.static/dev/i2c-1
/dev/.static/dev/i2c-2
/dev/.static/dev/i2c-3
/dev/.static/dev/i2c-4
/dev/.static/dev/i2c-5
/dev/.static/dev/i2c-6
/dev/.static/dev/i2c-7
/dev/.static/dev/kmem
/dev/.static/dev/loop0
/dev/.static/dev/loop1
/dev/.static/dev/loop2
/dev/.static/dev/loop3
/dev/.static/dev/loop4
/dev/.static/dev/loop5
/dev/.static/dev/loop6
/dev/.static/dev/loop7
/dev/.static/dev/mem
/dev/.static/dev/midi0
/dev/.static/dev/midi00
/dev/.static/dev/midi1
/dev/.static/dev/midi01
/dev/.static/dev/midi2
/dev/.static/dev/midi02
/dev/.static/dev/midi3
/dev/.static/dev/midi03
/dev/.static/dev/mixer
/dev/.static/dev/mixer1
/dev/.static/dev/mixer2
/dev/.static/dev/mixer3
/dev/.static/dev/mpu401data
/dev/.static/dev/mpu401stat
/dev/.static/dev/null
/dev/.static/dev/port
/dev/.static/dev/ptmx
/dev/.static/dev/ram
/dev/.static/dev/ram0
/dev/.static/dev/ram1
/dev/.static/dev/ram2
/dev/.static/dev/ram3
/dev/.static/dev/ram4
/dev/.static/dev/ram5
/dev/.static/dev/ram6
/dev/.static/dev/ram7
/dev/.static/dev/ram8
/dev/.static/dev/ram9
/dev/.static/dev/ram10
/dev/.static/dev/ram11
/dev/.static/dev/ram12
/dev/.static/dev/ram13
/dev/.static/dev/ram14
/dev/.static/dev/ram15
/dev/.static/dev/ram16
/dev/.static/dev/random
/dev/.static/dev/raw1394
/dev/.static/dev/rmidi0
/dev/.static/dev/rmidi1
/dev/.static/dev/rmidi2
/dev/.static/dev/rmidi3
/dev/.static/dev/sequencer
/dev/.static/dev/smpte0
/dev/.static/dev/smpte1
/dev/.static/dev/smpte2
/dev/.static/dev/smpte3
/dev/.static/dev/sndstat
/dev/.static/dev/stderr
/dev/.static/dev/stdin
/dev/.static/dev/stdout
/dev/.static/dev/tty
/dev/.static/dev/tty0
/dev/.static/dev/tty1
/dev/.static/dev/tty2
/dev/.static/dev/tty3
/dev/.static/dev/tty4
/dev/.static/dev/tty5
/dev/.static/dev/tty6
/dev/.static/dev/tty7
/dev/.static/dev/tty8
/dev/.static/dev/tty9
/dev/.static/dev/urandom
/dev/.static/dev/xconsole
/dev/.static/dev/zero
And:
/dev/.initramfs
/dev/.initramfs/varrun (#this contains one file, "sendsigs.omit")
/dev/.initramfs/usplash_fifo
/dev/.initramfs/usplash_outfifo
And:
/dev/.udev (# only /db and /rules.d are empty)
/dev/.udev/db
/dev/.udev/failed (# there are 48 items here)
/dev/.udev/names (# contains 770 directories)
/dev/.udev/rules.d
/dev/.udev/uevent_seqnum