Hello, On Tue, 25 Jan 2011 14:57:25 +0100 "d...@456ny.com" <d...@456ny.com> wrote: >i looked up some of the warnings, but just wanted to be sure. So where did you look those up? I'm asking because if you looked them up in the README, the FAQ, rkhunter.conf comments or the mailing list archives you'd have an answer for all these questions:
>Warning: The command 'X' has been replaced by a script (verify origin and integrity then SCRIPTWHITELIST) >Warning: The SSH configuration option 'PermitRootLogin' has not been set. (set it in rkhunter.conf) >Warning: Hidden file found: (verify origin and integrity then whitelist with ALLOWHIDDENFILE) >Warning: Application 'X', version 'Y', is out of date, and possibly a security risk. (verify version then either APP_WHITELIST or disable the test) ... except these two: >[18:44:37] Warning: Dica-Kit Rootkit [ Warning ] >[18:44:38] File '/etc/sshd_config' found Can anyone confirm this /etc/sshd_config is a Mac OS X default instead of the /etc/ssh/sshd_config most other OSes use? >[18:45:27] Warning: Checking for possible rootkit strings [ Warning ] Hmm. Check your rkhunter.log and see if there's any clues? If unclear please *attach* the log, not include it in the message body, TIA. unSpawn --- ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
