On 10/31/06, Ramsy de Vos <[EMAIL PROTECTED]> wrote:
Files suddenly are marked bad, after upgrading to the latest Centos
[EMAIL PROTECTED] rkhunter-1.2.9]# uname -a
Linux zion.crystalcore.nl 2.6.16-Joanna #3 Sat May 20 23:01:13 CEST 2006
x86_64 x86_64 x86_64 GNU/Linux
[EMAIL PROTECTED] rkhunter-1.2.9]# cat /etc/redhat-release
CentOS release 4.4 (Final)
[EMAIL PROTECTED] rkhunter-1.2.9]#
* System tools
Performing 'known good' check...
/bin/cat [ BAD ]
/bin/chmod [ BAD ]
/bin/chown [ BAD ]
/bin/date [ BAD ]
/bin/dmesg [ BAD ]
/bin/env [ BAD ]
/bin/grep [ BAD ]
/bin/kill [ BAD ]
/bin/login [ BAD ]
/bin/ls [ BAD ]
/bin/more [ BAD ]
/bin/mount [ BAD ]
/bin/netstat [ BAD ]
/bin/ps [ BAD ]
/bin/su [ BAD ]
/sbin/chkconfig [ BAD ]
/sbin/depmod [ BAD ]
/sbin/ifconfig [ BAD ]
/sbin/init [ BAD ]
/sbin/insmod [ BAD ]
/sbin/ip [ BAD ]
/sbin/lsmod [ BAD ]
/sbin/modinfo [ BAD ]
/sbin/modprobe [ BAD ]
/sbin/rmmod [ BAD ]
/sbin/runlevel [ BAD ]
/sbin/sulogin [ BAD ]
/sbin/sysctl [ BAD ]
/sbin/syslogd [ BAD ]
/usr/bin/chattr [ BAD ]
/usr/bin/du [ BAD ]
/usr/bin/file [ BAD ]
/usr/bin/find [ BAD ]
/usr/bin/head [ BAD ]
/usr/bin/killall [ BAD ]
/usr/bin/lsattr [ BAD ]
/usr/bin/md5sum [ BAD ]
/usr/bin/passwd [ BAD ]
/usr/bin/pstree [ BAD ]
/usr/bin/sha1sum [ BAD ]
/usr/bin/slocate [ BAD ]
/usr/bin/stat [ BAD ]
/usr/bin/strings [ BAD ]
/usr/bin/top [ BAD ]
/usr/bin/users [ BAD ]
/usr/bin/vmstat [ BAD ]
/usr/bin/w [ BAD ]
/usr/bin/watch [ BAD ]
/usr/bin/wc [ BAD ]
/usr/bin/wget [ BAD ]
/usr/bin/whereis [ BAD ]
/usr/bin/who [ BAD ]
/usr/bin/whoami [ BAD ]
/usr/sbin/xinetd [ BAD ]
--------------------------------------------------------------------------------
Rootkit Hunter has found some bad or unknown hashes. This can happen due
to replaced
binaries or updated packages (which give other hashes). Be sure your
hashes are
up-to-date (rkhunter --update). If you're in doubt about these hashes,
contact
us through the Rootkit Hunter mailinglist at
[email protected] .
--------------------------------------------------------------------------------
Any idea's on how this is possible?
There are no indications my system has been comprimised!
Regards,
Ramsy
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Rkhunter-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
--
Do not meddle in the affairs of sysadmins, for they are subtle and quick to anger.
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
