Box Cracked ( Was: thank's )
Manuel Arostegui Ramirez
manuel at todo-linux.com
Sat Oct 20 17:07:28 UTC 2007
El Sábado, 20 de Octubre de 2007 19:00, bob.smith at kolumbus.fi escribió:
>
> these are a mentioned in rkhunter:
>
> [19:20:07] /usr/bin/groups [ Warning ]
> [19:20:07] Warning: The command '/usr/bin/groups' has been replaced by a
> script: /usr/bin/groups: Bourne shell script text executable [[19:20:08]
> /usr/bin/ldd [ Warning ] [19:20:08]
> Warning: The command '/usr/bin/ldd' has been replaced by a script:
> /usr/bin/ldd: Bourne shell script text executable [[19:20:11]
> /usr/bin/whatis [ Warning ] [19:20:11]
> Warning: The command '/usr/bin/whatis' has been replaced by a script:
> /usr/bin/whatis: Bourne shell script text executable [[19:20:12] Warning:
> The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown:
> Bourne-Again shell script text executable [19:20:12] /sbin/ifup
> [ Warning ] [19:20:12] Warning: The command
> '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell
> script text executable [19:20:52] Info: Rkhunter option ALLOW_SSH_ROOT_USER
> set to 'no'.
> [19:20:52] Checking if SSH root access is allowed [ Warning ]
> [19:20:52] Warning: The SSH configuration option 'PermitRootLogin' has not
> been set. The default value may be 'yes', to allow root access.
> [
Something strange in those script? Something that lead you to think you've a
rootkit installed?
--
Manuel Arostegui Ramirez.
Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.
More information about the users
mailing list