Hi Al... thanks for your indications...
I'm using Ubuntu 16.04 LTS Thanks for your further answers... Regards Angelo >----Messaggio originale---- >Da: "Al Varnell" <alvarn...@mac.com> >Data: 06/09/2017 23.55 >A: "Angelo Brizi"<a.br...@libero.it> >Ogg: Re: [Rkhunter-users] A lot of warning after a RKHunter scan... > >You should be asking yourself, are these normal findings with the operating system I'm using. I strongly suspect they are all true. > >Perhaps if you tell us what OS you are running, someone with experience here can help you answer that. > >-Al- > >On Wed, Sep 06, 2017 at 09:42 AM, Angelo Brizi via Rkhunter-users wrote: >> Hi all, >> >> can someone give me some indications about these warning I received after a RKHunter scan? >> >> Are these warnings really true or I can suppose these as false positive? >> >> Thanks & Regards... >> >> --------------------------------------------------------------------------------------------------------------------------------------------- >> >> Warning: The following processes are using deleted files: >> Process: /sbin/upstart PID: 1536 File: /home/angelo/. cache/upstart/indicator-sound.log.1 >> Process: /usr/bin/nautilus PID: 1932 File: /home/angelo/. local/share/gvfs-metadata/home >> Process: /usr/lib/speech-dispatcher-modules/sd_cicero PID: 4657 File: /run/user/1000/speech-dispatcher/pid/speech-dispatcher.pid >> Process: /usr/lib/speech-dispatcher-modules/sd_espeak PID: 4661 File: /run/user/1000/speech-dispatcher/pid/speech-dispatcher.pid >> Process: /usr/lib/speech-dispatcher-modules/sd_dummy PID: 4666 File: /run/user/1000/speech-dispatcher/pid/speech-dispatcher.pid >> Process: /usr/lib/speech-dispatcher-modules/sd_generic PID: 4669 File: /run/user/1000/speech-dispatcher/pid/speech-dispatcher.pid >> Process: /usr/bin/speech-dispatcher PID: 4672 File: /run/user/1000/speech-dispatcher/pid/speech-dispatcher.pid >> Process: /usr/lib/gnome-terminal/gnome-terminal-server PID: 8307 File: /tmp/#20185134 >> Process: /usr/lib/firefox/firefox PID: 9301 File: /dev/shm/org.chromium.QMgFyX >> Process: /usr/bin/unity-scope-loader PID: 20235 File: /tmp/tmpf2q3uhK >> Warning: The following suspicious shared memory segments have been found: >> Process: /usr/bin/compiz PID: 1953 Owner: angelo >> Process: /usr/lib/x86_64-linux-gnu/notify-osd PID: 2004 Owner: angelo >> Process: /usr/bin/nautilus PID: 1932 Owner: angelo >> Process: /usr/lib/gnome-terminal/gnome-terminal-server PID: 8307 Owner: angelo >> Process: /usr/lib/firefox/firefox PID: 9301 Owner: angelo >> Process: /usr/lib/firefox/firefox PID: 9301 Owner: angelo >> Warning: Process '/sbin/wpa_supplicant' (PID 1181) is listening on the network. >> Warning: Process '/sbin/wpa_supplicant' (PID 1181) is listening on the network. >> Warning: Process '/sbin/dhclient' (PID 8002) is listening on the network. >> Warning: The SSH and rkhunter configuration options should be the same: >> SSH configuration option 'PermitRootLogin': prohibit-password >> Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': yes >> Warning: Suspicious file types found in /dev: >> /dev/shm/pulse-shm-2721663159: data >> /dev/shm/pulse-shm-4063495218: data >> /dev/shm/pulse-shm-794406050: data >> /dev/shm/pulse-shm-4154426652: data >> /dev/shm/pulse-shm-2348398892: data >> /dev/shm/pulse-shm-1809420734: data >> /dev/shm/pulse-shm-3005158254: data >> /dev/shm/pulse-shm-2558054030: data >> /dev/shm/pulse-shm-633127431: data >> /dev/shm/pulse-shm-1518369476: data >> /dev/shm/pulse-shm-3961342065: data >> /dev/shm/pulse-shm-2732924553: data >> /dev/shm/pulse-shm-2411461603: data >> /dev/shm/pulse-shm-2392925032: data >> /dev/shm/pulse-shm-1376269972: data >> Warning: Hidden directory found: /etc/.java > ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
