On Tuesday 26 December 2006 14:03, Pavel Chalupa wrote: > Hi, > is there anybody who can explain the security report generated by rkhunter? > > At first: default install includes SSHD with remote root login allow, all > users remote login allowed, SSH protocol 1 allowed... during install is SSH > disallowed, but SSHD runnig after install... > > At second: after some online updates, I tried to run rkhunter and its > reporting invisible /dev/tmpblablabla... and some two other files > corresponding with this one... this was too confusing and I killed this by > command rm /dev/tmpblabla... I have no idea what it was, but rkhunter > reported that system is infected... I have no backup of this, but the > machine still runnig and I can make some investigation, but I don't know > how to do it.
Pavel, Please... Step away from the keyboard. Do not go deleting things till you know what you are doing. Do not worry about ssh, it is a secure protocol. Run to your nearest book store and buy a book about getting started in linux, before you start worrying about security. SUSE installs very securely, so there is no point in running rkhunter till you understand the situation a little more. Linux is not like Windows, where the first thing you have to do is install a antivirus. -- _____________________________________ John Andersen
pgpmWdZE9yw77.pgp
Description: PGP signature
