10th June 2009, 17:25
giganet

Hi Falko, thank you for the reply...

I have looked through rkhunter.log and I am not exactly sure what to look for; however, I find these things questionable:

I purposely separated log lines which were not in relation to one another within the log file.

Code:
[07:00:28] /usr/bin/awk                                      [ Warning ]
[07:00:28] Warning: The file properties have changed:
[07:00:28]          File: /usr/bin/awk
[07:00:28]          Current hash: 90e423697f359d68af6e375aa48dd40a7ed21d13
[07:00:28]          Stored hash : 5a62d856b17933d8e8930ab4a6f20d6a90053c79
 
 
[07:00:31] Info: Found file '/usr/bin/groups': it is whitelisted for the 'script replacement' check.
 
[07:00:32] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
 
 
[07:00:40] /usr/bin/gawk                                     [ Warning ]
[07:00:40] Warning: The file '/usr/bin/gawk' exists on the system, but it is not present in the rkhunter.dat file.
 
 
[07:00:40] Info: Found file '/usr/bin/lwp-request': it is whitelisted for the 'script replacement' check.
 
[07:00:45] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
 
[07:00:48] /usr/sbin/unhide                                  [ Warning ]
[07:00:48] Warning: The file '/usr/sbin/unhide' exists on the system, but it is not present in the rkhunter.dat file.
 
[07:00:49] /usr/sbin/unhide-linux26                          [ Warning ]
[07:00:49] Warning: The file '/usr/sbin/unhide-linux26' exists on the system, but it is not present in the rkhunter.dat file.
[07:01:39] Info: Test 'deleted_files' disabled at users request.
[07:01:39] Info: Starting test name 'running_procs'
[07:01:40]   Checking running processes for suspicious files [ None found ]
[07:01:40]
[07:01:40] Info: Test 'hidden_procs' disabled at users request.
[07:01:40]
[07:01:40] Info: Test 'suspscan' disabled at users request.
 
[07:01:50] System checks summary
[07:01:50] =====================
[07:01:50]
[07:01:50] File properties checks...
[07:01:50] Files checked: 124
[07:01:50] Suspect files: 4
[07:01:50]
[07:01:50] Rootkit checks...
[07:01:50] Rootkits checked : 110
[07:01:51] Possible rootkits: 0
[07:01:51]
[07:01:51] Applications checks...
[07:01:51] Applications checked: 4
[07:01:51] Suspect applications: 0
[07:01:51]
[07:01:51] The system checks took: 1 minute and 36 seconds
[07:01:51]
[07:01:51] Info: End date is Wed Jun 10 07:01:51 PDT 2009

Are some of the files which are not defined in need of definition within the rkhunter setup file?

Thank you Falko

Best Regards
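As an added example (not part of the post above and not rkhunter's own code): a small Python triage of a log in this format that separates "file properties have changed" warnings from files that are only absent from rkhunter.dat, and checks that the "Suspect files" count in the summary is fully accounted for. The sample log is constructed from lines in the post; the function names are hypothetical.

```python
import re

# Constructed sample: lines in the shape of the rkhunter.log excerpt in the post.
SAMPLE_LOG = """\
[07:00:28] /usr/bin/awk                                      [ Warning ]
[07:00:28] Warning: The file properties have changed:
[07:00:28]          File: /usr/bin/awk
[07:00:28]          Current hash: 90e423697f359d68af6e375aa48dd40a7ed21d13
[07:00:28]          Stored hash : 5a62d856b17933d8e8930ab4a6f20d6a90053c79
[07:00:31] Info: Found file '/usr/bin/groups': it is whitelisted for the 'script replacement' check.
[07:00:40] Warning: The file '/usr/bin/gawk' exists on the system, but it is not present in the rkhunter.dat file.
[07:00:48] Warning: The file '/usr/sbin/unhide' exists on the system, but it is not present in the rkhunter.dat file.
[07:00:49] Warning: The file '/usr/sbin/unhide-linux26' exists on the system, but it is not present in the rkhunter.dat file.
[07:01:50] Suspect files: 4
"""

LINE = re.compile(r"^\[\d\d:\d\d:\d\d\]\s?(.*)$")
CHANGED = "Warning: The file properties have changed:"
MISSING = re.compile(r"Warning: The file '([^']+)' exists on the system, "
                     r"but it is not present in the rkhunter\.dat file")
FIELD = re.compile(r"^\s*(File|Current hash|Stored hash)\s*:\s*(\S+)")
SUMMARY = re.compile(r"^Suspect files:\s*(\d+)")

def triage(log_text):
    """Split file-property warnings into hash changes and files absent from rkhunter.dat."""
    out = {"changed": [], "not_in_db": [], "suspect_files": None}
    block = None  # dict being filled while inside a "properties have changed" block
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # separator or non-log line
        msg = m.group(1)
        field = FIELD.match(msg)
        if block is not None and field:
            block[field.group(1)] = field.group(2)
            continue
        block = None  # any other line ends the detail block
        if msg.strip() == CHANGED:
            block = {}
            out["changed"].append(block)
        elif MISSING.search(msg):
            out["not_in_db"].append(MISSING.search(msg).group(1))
        elif SUMMARY.match(msg):
            out["suspect_files"] = int(SUMMARY.match(msg).group(1))
    return out

def accounted_for(result):
    """True when every suspect file in the summary maps to a parsed warning."""
    return result["suspect_files"] == len(result["changed"]) + len(result["not_in_db"])
```

A changed hash is worth verifying against the distribution's package manager before anything else; files that are only missing from rkhunter.dat are normally recorded by running `rkhunter --propupd` once the binaries are known to be legitimate.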