> On Monday 18 December 2006 3:10 pm, [EMAIL PROTECTED] wrote: > > hey Im a noob to linux, Im using simply Mepis 6.0 and love it so much I > > havent used windows again yet > > > > > > someone on the mepislovers forum told me rkhunter was a command tool and I > > got it working > > > > do I have to be worried about these? > > > > > > rkhunter turned up these two > > > > * Filesystem checks > > Checking /dev for suspicious files... [ OK ] > > Scanning for hidden files... [ Warning! ] > > --------------- > > /etc/.java > > /etc/.pwd.lock /dev/.udev > > /dev/.static > > --------------- > > Please inspect: /etc/.java (directory) /dev/.udev (directory) > > /dev/.static (directory) > > > > ----------------------------------------------------- > > or this? > > * Check: SSH > > Searching for sshd_config... > > Found /etc/ssh/sshd_config > > Checking for allowed root login... Watch out Root login possible. > > Possible risk! > > info: "PermitRootLogin yes" found in file /etc/ssh/sshd_config > > Hint: See logfile for more information about this issue > > Checking for allowed protocols... [ Warning > > (SSH v1 allowed) ] > > > > > > P.S. I have a bit of a problem with a friend I had who's a genius cracker, > > so I want to be secure as possible > > > > P.P.S. hope Im not bothering you, thanks for any help, > > > > -Eric: ) > > > > It's never a both; we were all noobs once :-) > > About the first few lines having to do w/ java, I wouldn't worry > about those. I believe those are files which rkhunter simply > doesn't know about. > > As to the last, it is true that allowing root ssh access can be a > security risk. To "fix" that, locate the file sshd_config. Use any > text editor; find the line "PermitRootLogin". Change from yes to no > and save the file. You're good to go.
For many cluster environments it's required to allow root ssh, if you don't need it do the above, but if you do need it locate your rkhunter.conf file and add the line: ALLOW_SSH_ROOT_USER=1 Regards, Michael. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
