rkhunter sshd warning

Wolfgang S. Rupprecht wolfgang.rupprecht at gmail.com
Sun Mar 16 19:59:29 UTC 2014


Things that make you go 'hmmm' (see sshd, ssh, telnet mention):

    From: root (root)
    To: root
    Subject: rkhunter Daily Run on [redacted]
    Date: Sun, 16 Mar 2014 07:51:04 -0700


    --------------------- Start Rootkit Hunter Update ---------------------
    [ Rootkit Hunter version 1.4.2 ]

    Checking rkhunter data files...
      Checking file mirrors.dat                                  [ No update ]
      Checking file programs_bad.dat                             [ No update ]
      Checking file backdoorports.dat                            [ No update ]
      Checking file suspscan.dat                                 [ No update ]
      Checking file i18n/cn                                      [ No update ]
      Checking file i18n/de                                      [ No update ]
      Checking file i18n/en                                      [ No update ]
      Checking file i18n/tr                                      [ No update ]
      Checking file i18n/tr.utf8                                 [ No update ]
      Checking file i18n/zh                                      [ No update ]
      Checking file i18n/zh.utf8                                 [ No update ]

    ---------------------- Start Rootkit Hunter Scan ----------------------
    Warning: The file '/usr/sbin/sshd' exists on the system, but it is not present in the 'rkhunter.dat' file.
    Warning: The file '/usr/bin/ssh' exists on the system, but it is not present in the 'rkhunter.dat' file.
    Warning: The file '/usr/bin/telnet' exists on the system, but it is not present in the 'rkhunter.dat' file.
    Warning: GasKit Rootkit                           [ Warning ]
             Directory '/dev/dev' found

    ----------------------- End Rootkit Hunter Scan -----------------------

In the famous words of the Three Mile Island operators, "Ignore those
gauges. They are clearly wrong."

Every one of my systems here is showing some subset of this error.  Some
only show sshd, others all three.  Disconcerting to say the least.

Are other people seeing this?  I'm not looking forward to a full scrub
and clean installation.

-wolfgang


