Hi, I ran rkhunter on my debian 5 vps and got all these warnings:
$ grep Warning rkhunter.log [06:47:36] Warning: Checking for prerequisites [ Warning ] [06:47:36] Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option [06:47:39] /bin/which [ Warning ] [06:47:39] Warning: The command '/bin/which' has been replaced by a script: /bin/which: POSIX shell script text executable [06:47:40] /usr/bin/groups [ Warning ] [06:47:40] Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: POSIX shell script text executable [06:47:40] /usr/bin/ldd [ Warning ] [06:47:40] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable [06:47:43] /usr/bin/lwp-request [ Warning ] [06:47:43] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: a /usr/bin/perl -w script text executable [06:47:45] /usr/sbin/adduser [ Warning ] [06:47:45] Warning: The command '/usr/sbin/adduser' has been replaced by a script: /usr/sbin/adduser: a /usr/bin/perl script text executable [06:49:35] Checking for string 'hdparm' [ Warning ] [06:49:36] Warning: Checking for possible rootkit strings [ Warning ] [06:49:37] Checking for enabled inetd services [ Warning ] [06:49:38] Warning: Found enabled inetd service: talk [06:49:38] Warning: Found enabled inetd service: ntalk [06:49:38] Checking loaded kernel modules [ Warning ] [06:49:38] Warning: No output found from the lsmod command or the /proc/modules file: [06:51:07] Checking if SSH root access is allowed [ Warning ] [06:51:07] Warning: The SSH and rkhunter configuration options should be the same: [06:51:25] Checking version of GnuPG [ Warning ] [06:51:25] Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a security risk. [06:51:25] Checking version of OpenSSL [ Warning ] [06:51:25] Warning: Application 'openssl', version '0.9.8g', is out of date, and possibly a security risk. [06:51:25] Checking version of PHP [ Warning ] [06:51:25] Warning: Application 'php', version '5.2.6', is out of date, and possibly a security risk. [06:51:25] Checking version of OpenSSH [ Warning ] [06:51:25] Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a security risk. aside from the PermitRootLogin = yes, does this mean that the vps was compromised? -- Regards, Umarzuki Mochlis http://debmal.my