On Wed, 2008-10-08 at 09:38 -0300, Fred Edwards wrote: > I just joined the list > (In which case I forgive you for mailing me direct :-) )
> , so forgive me if this has been dealt with over and over > > I keep getting this warning in my log > > "Checking for files with suspicious contents [ Warning ]" > > I can't figure out what "files" it means... or where in the config > file the test is defined to check there > As far as I remember this is the 'suspscan' test, which is disabled by default. The log file (/var/log/rkhunter.log) will contain details of what the test found - i.e. the file names. The test typically looks for files in the /tmp and /var/tmp directories. However, this is set by the SUSPSCAN_DIRS option in the config file (so if the test has been enabled then someone may have changed this setting too). If you want to disable the test, then look at the DISABLE_TESTS option in the config file. John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287 E-mail: [EMAIL PROTECTED] Fax: +44 (0)1752 587001 ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
