[EMAIL PROTECTED] wrote:

> All that is required next is for users to "bless" the release 
> by testing the CVS tarball RSN, so please do.

Here is a user test for you. This one from current Debian Etch, with a 
bit of backports, volatile, and lenny...

Installed using --layout default

[07:57:08] Running Rootkit Hunter version 1.3.3 on xxxxx
[07:57:08]
[07:57:08] Info: Start date is Mon Sep  1 07:57:08 BST 2008
<snip>
[08:00:28] System checks summary
[08:00:29] =====================
[08:00:29]
[08:00:29] File properties checks...
[08:00:29] Required commands check failed
[08:00:29] Files checked: 129
[08:00:29] Suspect files: 7
[08:00:29]
[08:00:29] Rootkit checks...
[08:00:29] Rootkits checked : 117
[08:00:29] Possible rootkits: 0
[08:00:29]
[08:00:29] Applications checks...
[08:00:29] Applications checked: 6
[08:00:30] Suspect applications: 0
[08:00:30]
[08:00:30] The system checks took: 3 minutes and 13 seconds
[08:00:30]
[08:00:30] Info: End date is Mon Sep  1 08:00:30 BST 2008

Those files are:

[07:57:27] Warning: Checking for prerequisites               [ Warning ]
[07:57:27] Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
[07:57:29] /bin/egrep                                        [ Warning ]
[07:57:30] Warning: The command '/bin/egrep' has been replaced by a script: /bin/egrep: Bourne shell script text executable
[07:57:30] /bin/fgrep                                        [ Warning ]
[07:57:30] Warning: The command '/bin/fgrep' has been replaced by a script: /bin/fgrep: Bourne shell script text executable
[07:57:33] /bin/which                                        [ Warning ]
[07:57:33] Warning: The command '/bin/which' has been replaced by a script: /bin/which: Bourne shell script text executable
[07:57:36] /usr/bin/groups                                   [ Warning ]
[07:57:36] Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: Bourne shell script text executable
[07:57:37] /usr/bin/ldd                                      [ Warning ]
[07:57:37] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable
[07:57:46] /usr/bin/lwp-request                              [ Warning ]
[07:57:46] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: perl script text executable
[07:57:51] /usr/sbin/adduser                                 [ Warning ]
[07:57:51] Warning: The command '/usr/sbin/adduser' has been replaced by a script: /usr/sbin/adduser: perl script text executable
[07:59:43]   Checking for enabled inetd services             [ Warning ]
[07:59:43] Warning: Found enabled inetd service: ident
[07:59:43] Warning: Found enabled inetd service: swat
[08:00:04]   Checking /dev for suspicious file types         [ Warning ]
[08:00:04] Warning: Suspicious file types found in /dev:
[08:00:05]          /dev/shm/resolvconf/resolv.conf: ASCII text
[08:00:05]          /dev/shm/resolvconf/interface/ppp0: ASCII text
[08:00:06]          /dev/shm/resolvconf/interface/lo.named: ASCII text
[08:00:08]          /dev/shm/resolvconf/interface/eth1: ASCII text
[08:00:09]          /dev/shm/resolvconf/interface/eth0.inet: ASCII text
[08:00:13]   Checking for hidden files and directories       [ None found ]

All those files look safe to me. Thanks for all the work on this.

Berni

PS: ...the summary is reporting "commands check failed"

Yet:

[08:24:35] Info: Found the 'diff' command: /usr/bin/diff
[08:24:35] Info: Found the 'file' command: /usr/bin/file
[08:24:35] Info: Found the 'find' command: /usr/bin/find
[08:24:36] Info: Found the 'ifconfig' command: /sbin/ifconfig
[08:24:36] Info: Found the 'ip' command: /sbin/ip
[08:24:36] Info: Found the 'ldd' command: /usr/bin/ldd
[08:24:36] Info: Found the 'lsattr' command: /usr/bin/lsattr
[08:24:36] Info: Found the 'lsmod' command: /sbin/lsmod
[08:24:36] Info: Found the 'lsof' command: /usr/bin/lsof
[08:24:36] Info: Found the 'mktemp' command: /bin/mktemp
[08:24:36] Info: Found the 'netstat' command: /bin/netstat
[08:24:36] Info: Found the 'perl' command: /usr/bin/perl
[08:24:36] Info: Found the 'ps' command: /bin/ps
[08:24:36] Info: Found the 'pwd' command: /bin/pwd
[08:24:36] Info: Found the 'readlink' command: /bin/readlink
[08:24:36] Info: Found the 'sort' command: /usr/bin/sort
[08:24:37] Info: Found the 'stat' command: /usr/bin/stat
[08:24:37] Info: Found the 'strings' command: /usr/bin/strings
[08:24:37] Info: Found the 'uniq' command: /usr/bin/uniq
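
The script-replacement warnings in the report above can be pulled out of the log and listed as SCRIPTWHITELIST candidates for rkhunter.conf. This is an added example, not part of the original message or of rkhunter: the function names are hypothetical, the sample lines are copied from the log above and rejoined onto single lines, and the ownership lookup assumes a Debian system with dpkg.

```shell
#!/bin/sh
# Added example (not rkhunter code): list "replaced by a script" warnings
# from an rkhunter log as SCRIPTWHITELIST candidates for manual review.

# Sample input: warnings copied from the log above, one per line as they
# appear in the real log file, plus one unrelated warning.
sample_log() {
cat <<'EOF'
[07:57:30] Warning: The command '/bin/egrep' has been replaced by a script: /bin/egrep: Bourne shell script text executable
[07:57:37] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable
[07:57:51] Warning: The command '/usr/sbin/adduser' has been replaced by a script: /usr/sbin/adduser: perl script text executable
[07:59:43] Warning: Found enabled inetd service: ident
EOF
}

# Print "path|file type" for every script-replacement warning on stdin.
script_warnings() {
    sed -n "s/^\[[0-9:]*\] Warning: The command '\([^']*\)' has been replaced by a script: [^:]*: \(.*\)\$/\1|\2/p"
}

# Print one commented SCRIPTWHITELIST line per warning. The comment records
# the file type and, where dpkg is available, the package shipping the path.
whitelist_candidates() {
    script_warnings | while IFS='|' read -r path type; do
        owner=unknown
        if command -v dpkg >/dev/null 2>&1; then
            # dpkg -S prints "package: /path" when a package ships the file.
            pkg=$(dpkg -S "$path" 2>/dev/null | head -n 1 | cut -d: -f1)
            if [ -n "$pkg" ]; then owner=$pkg; fi
        fi
        echo "# $path: $type (owning package: $owner)"
        echo "SCRIPTWHITELIST=$path"
    done
}

# Stand-alone run on the sample; on a real system feed the rkhunter log file.
sample_log | whitelist_candidates
```

Package ownership only shows that the path is expected to be a script on this distribution; compare the file with the package's checksums (for example `dpkg --verify <package>`) before copying a line into rkhunter.conf.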

