It's pretty much as Brian suggested - look at the warnings in the rkhunter.log file. Some can be dealt with in rkhunter.conf. For example, you could whitelist the hidden directories /etc/.java and /dev/.udev. Others, you may have to investigate and rectify in the OS itself, such as the lsmod output error.
Dimitri On Friday 06 May 2011 1:27:56 pm Nick Fox wrote: > I am still getting the warning: > > "Please inspect this machine, because it may be > infected." > > and I looked through the log file: > > http://pastebin.com/fczK8aB9 > > as Brian suggested but I have no idea what I > need to change, can someone please help. > > thanks > Nick > > > On Thu, Sep 30, 2010 at 8:38 AM, Muskoka Auto > Parts Limited <m...@map-heb.com > > > wrote: > > > > On 10-09-30 10:27 AM, Nick Fox wrote: > > > I have put my rkhunter.log here on 4shared. > > > Click on the blue "Download Now" button. > > > > > > http://www.4shared.com/file/IGOk7wkP/rkhunt > > >er.html > > > > Yuck.... Javascript time delayed download > > file sharing site? > > > > In future, try pastebin.com or similar... I > > did it for you this time > > > > http://pastebin.com/fczK8aB9 > > > > Now as to your problem - open that log and > > just search for the word "Warning" > > It's there three times indicating a few > > things you should look at. I'd install 'lsof' > > as well. > > > > Brian -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
