thirupathy k wrote:
Dear all , am finding problem in rkhunter which was installed in my server with fedora core and the rkhunter which was used in the linux server is the latest version (1.2.9) . while the daily scripts are running from the server states that a lot os bad checks while doing rkhunter checking. please see the error message given below and help me to solve this issue.more over i have updated the rkhunter databases with the following commandrkhunter --update Error message * System tools Info: prelinked files found Performing 'known good' check... /bin/cat [ BAD ] /bin/chmod [ BAD ] /bin/chown [ BAD ] /bin/date [ BAD ] /bin/dmesg [ BAD ] /bin/env [ BAD ] /bin/grep [ OK ] /bin/kill [ BAD ] /bin/login [ BAD ] /bin/ls [ BAD ] /bin/more [ BAD ] /bin/mount [ BAD ] /bin/netstat [ OK ] /bin/ps [ BAD ] /bin/su [ BAD ] /sbin/chkconfig [ OK ] /sbin/depmod [ BAD ] /sbin/ifconfig [ OK ] /sbin/init [ OK ] /sbin/insmod [ BAD ] /sbin/ip [ BAD ] /sbin/lsmod [ BAD ] /sbin/modinfo [ BAD ] /sbin/modprobe [ BAD ] /sbin/rmmod [ BAD ] /sbin/runlevel [ OK ] /sbin/sysctl [ BAD ] /sbin/syslogd [ OK ] /sbin/sulogin [ OK ] /usr/bin/chattr [ OK ] /usr/bin/du [ BAD ] /usr/bin/file [ BAD ] /usr/bin/find [ OK ] /usr/bin/head [ BAD ] /usr/bin/killall [ BAD ] /usr/bin/lsattr [ OK ] /usr/bin/md5sum [ BAD ] /usr/bin/passwd [ OK ] /usr/bin/pstree [ BAD ] /usr/bin/sha1sum [ BAD ] /usr/bin/stat [ BAD ] /usr/bin/strings [ BAD ] /usr/bin/top [ BAD ] /usr/bin/users [ BAD ] /usr/bin/vmstat [ BAD ] /usr/bin/w [ BAD ] /usr/bin/watch [ BAD ] /usr/bin/wc [ BAD ] /usr/bin/wget [ OK ] /usr/bin/whereis [ BAD ] /usr/bin/who [ BAD ] /usr/bin/whoami [ BAD ]---------------------------------------------------------------------- ---------- Rootkit Hunter has found some bad or unknown hashes. This can happen due to replaced binaries or updated packages (which give other hashes). Be sure your hashes are up-to-date (rkhunter --update). If you're in doubt about these hashes, contact us through the Rootkit Hunter mailinglist at rkhunter- [EMAIL PROTECTED] . ---------------------------------------------------------------------- ----------After running the command also gives the same result. Please help me to solve this issue. Waiting for ur reply
Please take a look at the rkhunter website for the steps to take: <http://rkhunter.sourceforge.net/>
Nils Breunese.
PGP.sig
Description: Dit deel van het bericht is digitaal ondertekend
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
