Hi there, On Mon, 19 Sep 2016, Faederwulf wrote:
> I would like to know if there is a cause for alarm in any of the following: > Warning: The command '/usr/bin/lwp-request' has been replaced by a script: > /usr/bin/lwp-request: a /usr/bin/perl -w script, ASCII text executable Did you update something? > sudo nano /etc/Warning: The following processes are using deleted files: I got lost right after "sudo nano /etc/" > Warning: File '/tmp/mintUpdate/qzryv4fj' (score: 250) contains some > suspicious content and should be checked. I guess you're using Mint. :) After you read the warning about /tmp/mintUpdate/qzryv4fj, what did you do? > Warning: Process '/sbin/wpa_supplicant' (PID 1104) is listening on the > network. > Warning: Process '/sbin/wpa_supplicant' (PID 1104) is listening on the > network. > Warning: Process '/sbin/dhclient' (PID 1162) is listening on the network. I'd be very surprised if wpa_supplicant did *not* listen on the network. That's its job. I'd be very surprised if I were to be running dhclient, but if I were, I'd also be very surprised if it did not also listen on the network. Again, that's its job. > Warning: Suspicious file types found in /dev: > /dev/shm/pulse-shm-1932665755: data > /dev/shm/pulse-shm-850596082: data > /dev/shm/pulse-shm-3528623655: data > /dev/shm/pulse-shm-2770679786: data I've always thought it's a funny place to put shared memory, but I'd imagine that this is perfectly OK. I have a few pulse-shm- files on some of my machines. I'd put that stuff under /tmp/, or /var/run/ or, basically, anywhere but /dev/. > Warning: Hidden directory found: /etc/.java Java gives me the screaming heeby-jeebies. -- 73, Ged. ------------------------------------------------------------------------------ _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
