Re: F17 - false positive? -> Fwd: rkhunter Daily Run on testserver |
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: F17 - false positive? -> Fwd: rkhunter Daily Run on testserver
- From: Ed Greshko <Ed.Greshko@xxxxxxxxxxx>
- Date: Thu, 14 Jun 2012 16:41:51 +0800
- Delivered-to: users@xxxxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <4FD99DF0.7090306@thelounge.net>
- Reply-to: Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx>
- User-agent: Mozilla/5.0 (X11; Linux i686; rv:12.0) Gecko/20120430 Thunderbird/12.0.1
On 06/14/2012 04:16 PM, Reindl Harald wrote:
> after upgrade a test-VM to F17 i get this rkhunter warnings
> i can not really believe that there is a rootkit not existing
> on the F16 setup and think this is a false positive
>
> can anybody confirm this or should i make a bugreport now?
>
> -------- Original-Nachricht --------
> Betreff: rkhunter Daily Run on testserver
> Datum: Thu, 14 Jun 2012 03:49:14 +0200
> Von: root
> An: rhsoft@xxxxxxx
>
> --------------------- Start Rootkit Hunter Update ---------------------
> [ Rootkit Hunter version 1.4.0 ]
>
> Checking rkhunter data files...
> Checking file mirrors.dat [ No update ]
> Checking file programs_bad.dat [ No update ]
> Checking file backdoorports.dat [ No update ]
> Checking file suspscan.dat [ No update ]
> Checking file i18n/cn [ No update ]
> Checking file i18n/de [ No update ]
> Checking file i18n/en [ No update ]
> Checking file i18n/zh [ No update ]
> Checking file i18n/zh.utf8 [ No update ]
>
> ---------------------- Start Rootkit Hunter Scan ----------------------
> Warning: 'Spanish' Rootkit [ Warning ]
> File '/bin/ad' found
> Warning: Hidden file found: /usr/share/man/man5/.k5identity.5.gz: gzip compressed data, from Unix, max compression
>
> ----------------------- End Rootkit Hunter Scan -----------------------
>
Well, I have no /bin/ad file and "yum whatprovides /bin/ad" returns nothing.... on
both F16 and F17
/usr/share/man/man5/.k5identity.5.gz is part of krb5-libs on F17 but not F16.
--
Never be afraid to laugh at yourself, after all, you could be missing out on the joke
of the century. -- Dame Edna Everage
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Older Fedora Users]
[Fedora Announce]
[Fedora Package Announce]
[EPEL Announce]
[Fedora News]
[Fedora Cloud]
[Fedora Advisory Board]
[Fedora Education]
[Fedora Security]
[Fedora Scitech]
[Fedora Robotics]
[Fedora Maintainers]
[Fedora Infrastructure]
[Fedora Websites]
[Anaconda Devel]
[Fedora Devel Java]
[Fedora Legacy]
[Fedora Desktop]
[Fedora Fonts]
[ATA RAID]
[Fedora Marketing]
[Fedora Management Tools]
[Fedora Mentors]
[SSH]
[Find Someone Special]
[Fedora Package Review]
[Fedora R Devel]
[Fedora PHP Devel]
[Kickstart]
[Fedora Music]
[Fedora Packaging]
[Centos]
[Fedora SELinux]
[Fedora Legal]
[Fedora Kernel]
[Fedora QA]
[Fedora Triage]
[Fedora OCaml]
[Coolkey]
[Virtualization Tools]
[ET Management Tools]
[Yum Users]
[Tux]
[Yosemite News]
[Yosemite Photos]
[Linux Apps]
[Maemo Users]
[Gnome Users]
[KDE Users]
[Fedora Tools]
[Fedora Art]
[Fedora Docs]
[Maemo Users]
[Asterisk PBX]
[Fedora Sparc]
[Fedora Universal Network Connector]
[Libvirt Users]
[Fedora ARM]
