Abdulla,
It's not critical, you can safely ignore it. It means you have files or
hidden directories in /dev which might be a problem, but in some cases
it's normal behavior of some applications.
Just add it to rkhunter.conf to ALLOWHIDDENDIR and ALLOWDEVFILE

From rkhunter.conf:

# Allow the specified hidden directories.
# One directory per line (use multiple ALLOWHIDDENDIR lines).

# Allow the specified files to be present in the /dev directory,
# and not regarded as suspicious. One file per line (use multiple
# ALLOWDEVFILE lines).

Regards,
Rado

On 10. 3. 2011 18:11, abdulla.abbas wrote:
>
> Dear rkhunter mailing list,
>
> I performed a scan (rkhunter --check) scan today on my Ubuntu 10.04
> desktop and I received the following warning:
>
> Checking /dev for suspicious file types         [ Warning ]
> [20:44:14] Warning: Suspicious file types found in /dev:
> [20:44:14]          /dev/shm/pulse-shm-2694123416: data
> [20:44:14]          /dev/shm/pulse-shm-2806358031: data
> [20:44:14]          /dev/shm/pulse-shm-370791018: data
> [20:44:14]          /dev/shm/pulse-shm-2823402446: data
> [20:44:14]          /dev/shm/pulse-shm-2464899192: data
> [20:44:14]          /dev/shm/pulse-shm-4225408492: data
> [20:44:14]          /dev/shm/pulse-shm-690869609: data
> [20:44:14]          /dev/shm/pulse-shm-2678224584: data
> [20:44:14]          /dev/shm/pulse-shm-2641649888: data
> [20:44:14]          /dev/shm/pulse-shm-337269030: data
> [20:44:14]          /dev/shm/pulse-shm-1091075560: data
> [20:44:14]          /dev/shm/pulse-shm-1201625675: data
> [20:44:14]          /dev/shm/pulse-shm-352696925: data
> [20:44:14]          /dev/shm/pulse-shm-1037240337: AmigaOS bitmap font
> [20:44:14]         
> /dev/shm/mono-shared-1000-shared_fileshare-cobra-laptop-Linux-i686-36-12-0:
> data
> [20:44:15]         
> /dev/shm/mono-shared-1000-shared_data-cobra-laptop-Linux-i686-312-12-0: data
> [20:44:15]          /dev/shm/mono.1847: data
> [20:44:15]          /dev/shm/pulse-shm-1527123447: data
> [20:44:15]          /dev/shm/pulse-shm-1497883407: data
> [20:44:15]   Checking for hidden files and directories       [ Warning ]
> [20:44:15] Warning: Hidden directory found: /etc/.java
> [20:44:15] Warning: Hidden directory found: /dev/.udev
> [20:44:15] Warning: Hidden directory found: /dev/.initramfs
>
>
> I'm new to rkhunter and I'm not sure what do those warnings mean. can
> you please clarify that to me? are they critical?
>
> Waiting for your reply
>
> Best Regards
> Abdulla
>
>
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
>
>
> _______________________________________________
> Rkhunter-users mailing list
> Rkhunter-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/rkhunter-users

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users

Reply via email to