HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=4)
-   -   rkhunter, "machine infected" straight after install? (http://www.howtoforge.com/forums/showthread.php?t=61270)

msp 3rd April 2013 03:21

rkhunter, "machine infected" straight after install?
 
I followed the Perfect Server Debian Squeeze (ISPConfig3/Apache/Dovecot) installation, then set an email address for rkhunter to send report emails to.

I only installed this server yesterday from scratch. Is it normal that I get emails already telling me;

Please inspect this machine, because it may be infected.

I've checked through this document: http://beginlinux.com/sec_train_m/se...g-for-rootkits

and I have run rkhunter -c, which does find warnings.

How can I silence warnings that aren't things I need to worry about (e.g.
Checking loaded kernel modules [ Warning ]
Checking if SSH root access is allowed [ Warning ]
Checking for hidden files and directories [ Warning ]
)?

I'd rather like to tune-out of things unless they need my attention and I want to be reassured my system is clean.

darinpeterson 6th April 2013 06:30

msp,

I don't know the answer to your question, and since this has been sitting for some time, I'm not sure anyone else does either.

Please look at the rootkit hunter website for more information: http://rkhunter.sourceforge.net/

Regards,
Darin


All times are GMT +2. The time now is 05:42.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.