Abdulla, It's not critical, you can safely ignore it. It means you have files or hidden directories in /dev which might be a problem, but in some cases it's normal behavior of some applications. Just add it to rkhunter.conf to ALLOWHIDDENDIR and ALLOWDEVFILE
From rkhunter.conf: # Allow the specified hidden directories. # One directory per line (use multiple ALLOWHIDDENDIR lines). # Allow the specified files to be present in the /dev directory, # and not regarded as suspicious. One file per line (use multiple # ALLOWDEVFILE lines). Regards, Rado On 10. 3. 2011 18:11, abdulla.abbas wrote: > > Dear rkhunter mailing list, > > I performed a scan (rkhunter --check) scan today on my Ubuntu 10.04 > desktop and I received the following warning: > > Checking /dev for suspicious file types [ Warning ] > [20:44:14] Warning: Suspicious file types found in /dev: > [20:44:14] /dev/shm/pulse-shm-2694123416: data > [20:44:14] /dev/shm/pulse-shm-2806358031: data > [20:44:14] /dev/shm/pulse-shm-370791018: data > [20:44:14] /dev/shm/pulse-shm-2823402446: data > [20:44:14] /dev/shm/pulse-shm-2464899192: data > [20:44:14] /dev/shm/pulse-shm-4225408492: data > [20:44:14] /dev/shm/pulse-shm-690869609: data > [20:44:14] /dev/shm/pulse-shm-2678224584: data > [20:44:14] /dev/shm/pulse-shm-2641649888: data > [20:44:14] /dev/shm/pulse-shm-337269030: data > [20:44:14] /dev/shm/pulse-shm-1091075560: data > [20:44:14] /dev/shm/pulse-shm-1201625675: data > [20:44:14] /dev/shm/pulse-shm-352696925: data > [20:44:14] /dev/shm/pulse-shm-1037240337: AmigaOS bitmap font > [20:44:14] > /dev/shm/mono-shared-1000-shared_fileshare-cobra-laptop-Linux-i686-36-12-0: > data > [20:44:15] > /dev/shm/mono-shared-1000-shared_data-cobra-laptop-Linux-i686-312-12-0: data > [20:44:15] /dev/shm/mono.1847: data > [20:44:15] /dev/shm/pulse-shm-1527123447: data > [20:44:15] /dev/shm/pulse-shm-1497883407: data > [20:44:15] Checking for hidden files and directories [ Warning ] > [20:44:15] Warning: Hidden directory found: /etc/.java > [20:44:15] Warning: Hidden directory found: /dev/.udev > [20:44:15] Warning: Hidden directory found: /dev/.initramfs > > > I'm new to rkhunter and I'm not sure what do those warnings mean. can > you please clarify that to me? are they critical? > > Waiting for your reply > > Best Regards > Abdulla > > > ------------------------------------------------------------------------------ > Colocation vs. Managed Hosting > A question and answer guide to determining the best fit > for your organization - today and in the future. > http://p.sf.net/sfu/internap-sfd2d > > > _______________________________________________ > Rkhunter-users mailing list > Rkhunter-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/rkhunter-users
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d
_______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
