View Single Post
  #1  
Old 3rd April 2013, 04:21
msp msp is offline
Member
 
Join Date: Aug 2011
Posts: 41
Thanks: 2
Thanked 2 Times in 2 Posts
Default rkhunter, "machine infected" straight after install?

I followed the Perfect Server Debian Squeeze (ISPConfig3/Apache/Dovecot) installation, then set an email address for rkhunter to send report emails to.

I only installed this server yesterday from scratch. Is it normal that I get emails already telling me;

Please inspect this machine, because it may be infected.

I've checked through this document: http://beginlinux.com/sec_train_m/se...g-for-rootkits

and I have run rkhunter -c, which does find warnings.

How can I silence warnings that aren't things I need to worry about (e.g.
Checking loaded kernel modules [ Warning ]
Checking if SSH root access is allowed [ Warning ]
Checking for hidden files and directories [ Warning ]
)?

I'd rather like to tune-out of things unless they need my attention and I want to be reassured my system is clean.
Reply With Quote
Sponsored Links