On 8/8/06, Rafael Capovilla <[EMAIL PROTECTED]> wrote:
Which distro are you using? Could you try to find out which package use this file?
Running Debian Unstable. Not scompdeandy:~# dpkg -S /dev/.static/dev/null0 dpkg: /dev/.static/dev/null0 not found.ure what package own the file: // andy
2006/8/8, Andrew Nelson <[EMAIL PROTECTED]>: > > File appears empty. Thanks > > On 8/8/06, Rafael Capovilla <[EMAIL PROTECTED]> wrote: > > I believe this is a false-positive, check the contents of this file > > > > 2006/8/8, Andrew Nelson <[EMAIL PROTECTED]>: > > > > > > I've just installed ossec-hid and recieved the following message. > > > > > > """ > > > OSSEC HIDS Notification. > > > 2006 Aug 08 09:30:38 > > > > > > Received From: compdeandy->rootcheck > > > Rule: 14 fired (level 8) -> "Rootkit detection engine message" > > > Portion of the log(s): > > > > > > File '/dev/.static/dev/null"' present on /dev. Possible hidden file. > > > > > > > > > > > > --END OF NOTIFICATION > > > > > > > > > > > > OSSEC HIDS Notification. > > > 2006 Aug 08 09:30:38 > > > > > > Received From: compdeandy->rootcheck > > > Rule: 14 fired (level 8) -> "Rootkit detection engine message" > > > Portion of the log(s): > > > > > > File '/dev/.static/dev/null0' present on /dev. Possible hidden file. > > > > > > > > > > > > --END OF NOTIFICATION > > > """ > > > > > > I've done some searching around and it appears that maybe this file > > > installed by udev. Does anyone know if this indicates an actual > > > rootkit or if this is a false positive? > > > > > > //andy > > > > > > > > > -- > > > No trees were killed in the sending of this message. However a large > > > number of electrons were terribly inconvenienced > > > > > > > > > > > > > -- > > Certified LPIC -1 > > http://www.underlinux.com.br > > > > Unix is very simple, but it takes a genius to understand the simplicity. > > (Dennis Ritchie) > > > -- > No trees were killed in the sending of this message. However a large > number of electrons were terribly inconvenienced > -- Certified LPIC -1 http://www.underlinux.com.br Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
-- No trees were killed in the sending of this message. However a large number of electrons were terribly inconvenienced
