Dear SLUGGERS,
I just got this report from rkhunter on my machine:
Warning: The file properties have changed:
File: /usr/bin/ldd
Current inode: 331476Stored inode: 17196
Current file modification time: 1263451668
Stored file modification time : 1231069314
Hi Alan,
You can find what package provides the ldd program, and then verify
the integrity of the package. If it really changed I think you should
look for any suspicious activity in your server.
I think you can find the package with dpkg -S $(which ldd) and you can
check its integrity with
On Thu, 21 Jan 2010 15:54:01 -0600
Rodolfo Martínez rmt...@gmail.com wrote:
Hi Alan,
You can find what package provides the ldd program, and then verify
the integrity of the package. If it really changed I think you should
look for any suspicious activity in your server.
I think you can
On Thu, 21 Jan 2010 15:54:01 -0600
Rodolfo Martínez rmt...@gmail.com wrote:
Hi Alan,
You can find what package provides the ldd program, and then verify
the integrity of the package. If it really changed I think you should
look for any suspicious activity in your server.
I think you can
On Fri, Jan 22, 2010 at 09:20:46AM +1100, Alan L Tyree wrote:
On Thu, 21 Jan 2010 15:54:01 -0600
Rodolfo Martínez rmt...@gmail.com wrote:
Hi Alan,
You can find what package provides the ldd program, and then verify
the integrity of the package. If it really changed I think you should
Hi Matt,
rkhunter creates a database (MD5SUM's) of some files, if they change
for any reason, like a system upgrade/update, it will complain about
it. rkhunter should be run again to get the new MD5SUM's. This applies
for any Host Intruder Detection System (HIDS) (i.e. tripwire, AIDE,
etc...).
On Thu, Jan 21, 2010 at 05:37:53PM -0600, Rodolfo Martínez wrote:
Hi Matt,
rkhunter creates a database (MD5SUM's) of some files, if they change
for any reason, like a system upgrade/update, it will complain about
it. rkhunter should be run again to get the new MD5SUM's. This applies
for any