-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Two questions
What OS are you running? Do you have any reason to believe it might be compromised? Andrew D Kirch - AllThingsIT Office: 317-755-0200 GPG: 735D020C ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of thirupathy k Sent: Wednesday, May 30, 2007 10:18 AM To: [email protected] Subject: [Rkhunter-users] problem in hash for binary files in linux os hi, Dear all , am finding problem in rkhunter which was installed in my server with fedora core and the rkhunter which was used in the linux server is the latest version (1.2.9) . while the daily scripts are running from the server states that a lot os bad checks while doing rkhunter checking. please see the error message given below and help me to solve this issue. more over i have updated the rkhunter databases with the following command rkhunter --update Error message * System tools Info: prelinked files found Performing 'known good' check... /bin/cat [ BAD ] /bin/chmod [ BAD ] /bin/chown [ BAD ] /bin/date [ BAD ] /bin/dmesg [ BAD ] /bin/env [ BAD ] /bin/grep [ OK ] /bin/kill [ BAD ] /bin/login [ BAD ] /bin/ls [ BAD ] /bin/more [ BAD ] /bin/mount [ BAD ] /bin/netstat [ OK ] /bin/ps [ BAD ] /bin/su [ BAD ] /sbin/chkconfig [ OK ] /sbin/depmod [ BAD ] /sbin/ifconfig [ OK ] /sbin/init [ OK ] /sbin/insmod [ BAD ] /sbin/ip [ BAD ] /sbin/lsmod [ BAD ] /sbin/modinfo [ BAD ] /sbin/modprobe [ BAD ] /sbin/rmmod [ BAD ] /sbin/runlevel [ OK ] /sbin/sysctl [ BAD ] /sbin/syslogd [ OK ] /sbin/sulogin [ OK ] /usr/bin/chattr [ OK ] /usr/bin/du [ BAD ] /usr/bin/file [ BAD ] /usr/bin/find [ OK ] /usr/bin/head [ BAD ] /usr/bin/killall [ BAD ] /usr/bin/lsattr [ OK ] /usr/bin/md5sum [ BAD ] /usr/bin/passwd [ OK ] /usr/bin/pstree [ BAD ] /usr/bin/sha1sum [ BAD ] /usr/bin/stat [ BAD ] /usr/bin/strings [ BAD ] /usr/bin/top [ BAD ] /usr/bin/users [ BAD ] /usr/bin/vmstat [ BAD ] /usr/bin/w [ BAD ] /usr/bin/watch [ BAD ] /usr/bin/wc [ BAD ] /usr/bin/wget [ OK ] /usr/bin/whereis [ BAD ] /usr/bin/who [ BAD ] /usr/bin/whoami [ BAD ] - ------------------------------------------------------------------------ -------- Rootkit Hunter has found some bad or unknown hashes. This can happen due to replaced binaries or updated packages (which give other hashes). Be sure your hashes are up-to-date (rkhunter --update). If you're in doubt about these hashes, contact us through the Rootkit Hunter mailinglist at [email protected] <mailto:[email protected]> . - ------------------------------------------------------------------------ -------- After running the command also gives the same result. Please help me to solve this issue. Waiting for ur reply - -- Regards K.Thirupathy -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) iD8DBQFGXYkUkAlCbnNtAgwRAlhjAJ4ymVVHKRp6LfW/Fy3E/xUr8EiO7wCguj3E DyCLZ1mwE4U7tfDUEy1zVao= =RzQh -----END PGP SIGNATURE-----
|
Two questions What OS are you running? Do you have any reason to believe it might
be compromised? Andrew D Kirch - AllThingsIT From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of thirupathy k hi, |
PGPexch.htm.asc
Description: PGP signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
