Thread: Found warnings in rkhunter.log (rootkit hunter)

  1. #1
    Join Date
    Jan 2014
    Location
    Statham,GA USA
    Beans
    212
    Distro
    Ubuntu 12.04 Precise Pangolin

    Found warnings in rkhunter.log (rootkit hunter)

    There were warnings in my rootkit hunter log:
    Excerpt:
    [16:12:18] Info: Starting test name 'passwd_changes'
    [16:12:18] Checking for passwd file changes [ Warning ]
    [16:12:19] Warning: User 'postfix' has been added to the passwd file.

    [16:12:19]
    [16:12:19] Info: Starting test name 'group_changes'
    [16:12:19] Checking for group file changes [ Warning ]
    [16:12:19] Warning: Group 'postfix' has been added to the group file.
    [16:12:19] Warning: Group 'postdrop' has been added to the group file.
    [16:12:19] Checking root account shell history files [ None found ]
    [16:12:19]
    [16:12:19] Info: Starting test name 'system_configs'
    [16:12:19] Performing system configuration file checks
    [16:12:19] Checking for SSH configuration file [ Not found ]
    [16:12:19] Checking for running syslog daemon [ Found ]
    [16:12:19] Info: Found rsyslog configuration file: /etc/rsyslog.conf
    [16:12:19] Checking for syslog configuration file [ Found ]
    [16:12:19] Checking if syslog remote logging is allowed [ Not allowed ]
    [16:12:19]
    [16:12:19] Info: Starting test name 'filesystem'
    [16:12:19] Performing filesystem checks
    [16:12:19] Info: SCAN_MODE_DEV set to 'THOROUGH'
    [16:12:19] Checking /dev for suspicious file types [ None found ]
    [16:12:19] Checking for hidden files and directories [ Warning ]
    [16:12:19] Warning: Hidden directory found: /dev/.udev
    [16:12:19] Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'

    [16:12:25]

    Do I need to worry/act?

    I am very visually impaired. Ben
    Last edited by bc.haynes; January 19th, 2014 at 02:46 AM. Reason: Following suggestions.

  2. #2
    Join Date
    Jan 2006
    Location
    Not heaven... Iowa
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Found warnings in rkhunter.log (rootkit hunter)

    From the Posting Guidelines:
    Use color and font properties for highlighting portions of your text, and not for all of the text in your post. Please use the default font color and properties unless you need to highlight or draw attention to a part of your post. ALL CAPS is interpreted as screaming. Funky non-uniform font size/color is difficult for those who are visually impaired. If you are having problems with reading the font, please adjust your browser.
    Linux User #415691 Ubuntu User #8629
    Iowa Team (LoCo): [Wiki] [Launchpad]
    IRC channel: #ubuntu-us-ia on irc.freenode.net

  3. #3
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Found warnings in rkhunter.log (rootkit hunter)

    Those are normal warnings that you get if you don't update the rkhunter database before running it. I'd suggest running:

    Code:
    rkhunter --propupd
    then run rkhunter again.

  4. #4

    Re: Found warnings in rkhunter.log (rootkit hunter)

    Nothing to be worried about...
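
As an added example (not part of the thread and not rkhunter's own code), this Python parser groups the `Warning:` lines of an rkhunter.log excerpt under the test that raised them, so each one can be reviewed on its own. The sample log is constructed from the excerpt in the first post, and the function name `warnings_by_test` is hypothetical.

```python
import re

# Constructed sample, adapted from the excerpt in the first post
# (including the warning whose final "." wrapped onto its own line).
SAMPLE_LOG = """\
[16:12:18] Info: Starting test name 'passwd_changes'
[16:12:18] Checking for passwd file changes [ Warning ]
[16:12:19] Warning: User 'postfix' has been added to the passwd file.
[16:12:19]
[16:12:19] Info: Starting test name 'group_changes'
[16:12:19] Checking for group file changes [ Warning ]
[16:12:19] Warning: Group 'postfix' has been added to the group file.
[16:12:19] Warning: Group 'postdrop' has been added to the group file
.
[16:12:19] Info: Starting test name 'filesystem'
[16:12:19] Checking for hidden files and directories [ Warning ]
[16:12:19] Warning: Hidden directory found: /dev/.udev
"""

LINE = re.compile(r"^\[(\d{2}:\d{2}:\d{2})\]\s?(.*)$")   # "[HH:MM:SS] text"
TEST = re.compile(r"^Info: Starting test name '([^']+)'")


def warnings_by_test(text):
    """Return {test name: [warning message, ...]} in log order."""
    result = {}
    current = "(no test)"   # warnings seen before any test header
    last = None             # list holding the most recent warning
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m is None:
            # No timestamp: treat as a wrapped tail of the previous warning.
            if last is not None and raw.strip():
                last[-1] += raw.strip()
            continue
        body = m.group(2).strip()
        last = None
        t = TEST.match(body)
        if t:
            current = t.group(1)
        elif body.startswith("Warning:"):
            last = result.setdefault(current, [])
            last.append(body[len("Warning:"):].strip())
    return result


if __name__ == "__main__":
    for test, msgs in warnings_by_test(SAMPLE_LOG).items():
        print(f"{test}: {len(msgs)} warning(s)")
        for msg in msgs:
            print(f"  - {msg}")
```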
