Hi all, I just leased a new dedicated server and had a third party (way to
web) install a security package, including rkhunter, onto it. The first
day of emailed logs shows these errors, and I was wondering why they are
there at all, as it is a fresh install so there will be no security
issues yet. Appreciate any help or guidance you may provide. I am a
relative newbie to running my own dedicated server, so please be
patient. I changed the User and Group to "username" from the actual
account name.

[ Rootkit Hunter version 1.4.0 ]
Checking rkhunter data files...
Checking file mirrors.dat [ No update ]
Checking file programs_bad.dat [ No update ]
Checking file backdoorports.dat [ No update ]
Checking file suspscan.dat [ No update ]
Checking file i18n/cn [ No update ]
Checking file i18n/de [ No update ]
Checking file i18n/en [ No update ]
Checking file i18n/zh [ No update ]
Checking file i18n/zh.utf8 [ No update ]
[ Rootkit Hunter version 1.4.0 ]
File updated: searched for 167 files, found 139
Warning: User 'username' has been added to the passwd file.
Warning: Group 'username' has been added to the group file.
Warning: The SSH configuration option 'PermitRootLogin' has not been set.
The default value may be 'yes', to allow root access.
Warning: Suspicious file types found in /dev:
/dev/.udev/queue.bin: Applesoft BASIC program data
/dev/.udev/db/block:sda1: ASCII text
/dev/.udev/db/block:sda3: ASCII text
/dev/.udev/db/block:sda2: ASCII text
/dev/.udev/db/block:sda: ASCII text
/dev/.udev/db/sound:card1: ASCII text
/dev/.udev/db/input:event16: ASCII text
/dev/.udev/db/input:event15: ASCII text
/dev/.udev/db/input:event14: ASCII text
/dev/.udev/db/input:event13: ASCII text
/dev/.udev/db/input:event0: ASCII text
/dev/.udev/db/usb:usb5: ASCII text
/dev/.udev/db/usb:usb6: ASCII text
/dev/.udev/db/usb:usb4: ASCII text
/dev/.udev/db/usb:usb3: ASCII text
/dev/.udev/db/sound:card0: ASCII text
/dev/.udev/db/input:event12: ASCII text
/dev/.udev/db/input:event11: ASCII text
/dev/.udev/db/input:event9: ASCII text
/dev/.udev/db/input:event10: ASCII text
/dev/.udev/db/input:event6: ASCII text
/dev/.udev/db/input:event8: ASCII text
/dev/.udev/db/sound:hwC1D2: ASCII text
/dev/.udev/db/sound:pcmC1D7p: ASCII text
/dev/.udev/db/input:event7: ASCII text
/dev/.udev/db/sound:pcmC1D3p: ASCII text
/dev/.udev/db/sound:controlC1: ASCII text
/dev/.udev/db/input:event5: ASCII text
/dev/.udev/db/sound:hwC1D3: ASCII text
/dev/.udev/db/sound:hwC1D0: ASCII text
/dev/.udev/db/sound:pcmC1D8p: ASCII text
/dev/.udev/db/sound:hwC1D1: ASCII text
/dev/.udev/db/sound:pcmC1D9p: ASCII text
/dev/.udev/db/input:event1: ASCII text
/dev/.udev/db/input:event2: ASCII text
/dev/.udev/db/pci:0000:08:00.0: ASCII text
/dev/.udev/db/sound:controlC0: ASCII text
/dev/.udev/db/sound:hwC0D0: ASCII text
/dev/.udev/db/sound:pcmC0D1p: ASCII text
/dev/.udev/db/sound:pcmC0D2c: ASCII text
/dev/.udev/db/sound:pcmC0D0c: ASCII text
/dev/.udev/db/sound:pcmC0D0p: ASCII text
/dev/.udev/db/sound:seq: ASCII text
/dev/.udev/db/sound:timer: ASCII text
/dev/.udev/db/net:eth0: ASCII text
/dev/.udev/db/drm:card0: ASCII text
/dev/.udev/db/block:loop0: ASCII text
/dev/.udev/db/block:loop7: ASCII text
/dev/.udev/db/block:loop6: ASCII text
/dev/.udev/db/block:loop4: ASCII text
/dev/.udev/db/block:loop5: ASCII text
/dev/.udev/db/block:loop1: ASCII text
/dev/.udev/db/block:loop2: ASCII text
/dev/.udev/db/block:loop3: ASCII text
/dev/.udev/db/block:ram9: ASCII text
/dev/.udev/db/block:ram11: ASCII text
/dev/.udev/db/block:ram8: ASCII text
/dev/.udev/db/block:ram5: ASCII text
/dev/.udev/db/block:ram13: ASCII text
/dev/.udev/db/block:ram10: ASCII text
/dev/.udev/db/block:ram4: ASCII text
/dev/.udev/db/block:ram12: ASCII text
/dev/.udev/db/block:ram2: ASCII text
/dev/.udev/db/block:ram14: ASCII text
/dev/.udev/db/block:ram1: ASCII text
/dev/.udev/db/block:ram0: ASCII text
/dev/.udev/db/block:ram6: ASCII text
/dev/.udev/db/block:ram7: ASCII text
/dev/.udev/db/block:ram15: ASCII text
/dev/.udev/db/block:ram3: ASCII text
/dev/.udev/db/pci:0000:00:1f.2: ASCII text
/dev/.udev/db/usb:2-1: ASCII text
/dev/.udev/db/usb:1-1: ASCII text
/dev/.udev/db/usb:usb1: ASCII text
/dev/.udev/db/usb:usb2: ASCII text
/dev/.udev/rules.d/99-root.rules: ASCII text
Warning: Hidden directory found: '/dev/.mdadm'
Warning: Hidden directory found: '/dev/.udev'
Warning: Hidden file found: /usr/share/man/man5/.k5login.5.gz: gzip compressed data, from Unix, max compression
Warning: Hidden file found: /usr/share/man/man5/.k5identity.5.gz: gzip compressed data, from Unix, max compression
Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
Warning: Hidden file found: /sbin/.cryptsetup.hmac: ASCII text
--
Paul Smith
Van Isle BC Web Solutions
http://www.vanislebc.com
Sportsman Fishing Adventures Ltd.
http://www.sportsmanfishing.com
cell# 1-778-808-2490
home# 1-250-283-2129
_______________________________________________
Rkhunter-users mailing list
https://lists.sourceforge.net/lists/listinfo/rkhunter-users