Benny Butler wrote:
Andrew, I'm in the same boat, just /bin/kill on CentOS. I've pretty much ignored it up till now, but when I hear the answer, I'll implement it too. Thanks for asking. Or maybe we both just have the /bin/kill rootkit :)
First: rkhunter 1.2.8 is not the current version, upgrade to 1.2.9.Second: see section 4.4 of the FAQ (this is pretty much this mailinglist's mantra).
Nils Breunese.
On 11/21/06, Andrew Watson <[EMAIL PROTECTED]> wrote: Hi,I have run the rkhunter 1.2.8 on a centos4 (4-4.2 I think) and i am getting a single md5 checksum error on /bin/killHaving checked the faqs I find the advice to validate Files:- "strings <file>" and check for untrusted file paths (things like / dev/.hiddendir) - recently updated binaries and their original source. If it is due an update, please sent me an URI to the changed file (like a RPM), so I can add new hashes to the databases. - "file <file>" and compare them with others (especially trusted binaries). If some binaries are linked static and others are all dynamic, than they could have been trojaned..Unfortunately, these instructions don't mean much to a linux novice like me, so I'm hoping that someone can give me a few pointers on what I need to do to look a little further into this problem...Many thanks brian
PGP.sig
Description: Dit deel van het bericht is digitaal ondertekend
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
