Re: [Rkhunter-users] Md5 hash problem in server

2007-06-28 Thread thirupathy k
Hi Michael, Thanks for your reply. Even updating the rkhunter version to the latest 1.2.9. Am facing the same problem. Even though i followed the steps mentioned in report. I used the command rkhunter --update to fix this problem.Please give some suggestion to solve this problem. Below is the

Re: [Rkhunter-users] Md5 hash problem in server

2007-06-28 Thread John Horne
On Thu, 2007-06-28 at 12:59 +0530, thirupathy k wrote: Thanks for your reply. Even updating the rkhunter version to the latest 1.2.9. Am facing the same problem. Even though i followed the steps mentioned in report. I used the command rkhunter --update to fix this problem.Please give some

Re: [Rkhunter-users] Suspected rootkit - Tilapia

2007-06-28 Thread unspawn
Hello Rickj, On Wed, 27 Jun 2007 13:53:41 +0200 [EMAIL PROTECTED] wrote: We have a very old webserver running apache 1.3.31 on Red Hat Linux 7.3. (..) We recently discovered a rootkit on the server trying establish a connection to 66.192.67.170 on port 4096. I've tried searching for the pl

[Rkhunter-users] ENC: Cron root@servidor run-parts /etc/cron.daily

2007-06-28 Thread XIKKO
Could you help. What is the explanation for this message. Francisco -Mensagem original- De: Cron Daemon [mailto:[EMAIL PROTECTED] Enviada em: quinta-feira, 21 de junho de 2007 23:03 Para: [EMAIL PROTECTED] Assunto: Cron [EMAIL PROTECTED] run-parts /etc/cron.daily

[Rkhunter-users] False Positives

2007-06-28 Thread wildmage
Just a FYI, I get these false positives consitently on a Etch Debian system. Thanks Scanning for hidden files... [ Warning! ] - Found warnings: [06:25:25] WARNING, found: /dev/.static (directory) /dev/.udev (directory)

[Rkhunter-users] Unknown version numbers

2007-06-28 Thread Roland Bohman
* Application version scan    - GnuPG 2.0.3   [ Unknown ]      - PHP 5.2.3   [ Unknown ] - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML.

[Rkhunter-users] got a bad hash

2007-06-28 Thread project 2501
Hi there I work for hentaikey.com as there IT Security Consultant i dont know if this hash is for real or not but i got a BAD hit on /usr/bin/file [ BAD ] 6b650430f01971c16a7cad41d44b1bd3 i dont think its realy anything bad the file does not seem to be anything fishy we are

Re: [Rkhunter-users] got a bad hash

2007-06-28 Thread unspawn
On Tue, 26 Jun 2007 22:07:01 +0200 project 2501 [EMAIL PROTECTED] wrote: i dont know if this hash is for real or not Verify using installed file integrity checker or the distro's package management tools. i dont think its realy anything bad the file does not seem to be anything fishy

Re: [Rkhunter-users] Suspected rootkit - Tilapia

2007-06-28 Thread unspawn
On Fri, 29 Jun 2007 00:35:54 +0200 Jeff Peeler [EMAIL PROTECTED] wrote: Minor detail, but I think you'll need a -p before the PID. lsof - w -n -p PID Actually *not* so minor a detail. Thanks for adding! Cheers, unSpawn -- Turn your passion into a profession. Click here to find a film school