Rkhunter weird log - Debian 7
Hello everybody,
My server started acting weird today so I just ran an apt-upgrade and after that rkhunter that warned me quite a few times about certain files. Could I possibly be hacked? http://pastebin.com/5sqqvE4n Sorry for the long log file, any advice? |
crudely the log says no kits detected.
2) you appear to have modified your conf file as I can see a whitelisted item but did you config for your packagemanager checks? How about a link to your conf 3) have you considered installing and enabling extra checks such as unhide skdet etc http://sourceforge.net/apps/trac/rkh...MPRKH#Contents 4) you have no external mail setup or local mail 5) Quote:
when did you start your first scan for RKH? ----before the upgrade? did you keep any logs and did you read the readme? or the FAQ When you think you have a (potential) security problem it is advised to think and inform yourself thoroughly before you act. Please consider checking the FAQ, the rkhunter-users mailing list archives, your distribution documentation about security and security issues and the CERT Intruder Detection Checklist, formerly located at http://www.cert.org/tech_tips/intrud...checklist.html, and archived at http://web.archive.org/web/200801092...checklist.html BTW you may have been better off posting in the security section as I am not an expert |
Quote:
Quote:
Quote:
Code:
Warning: The O/S name or version has changed since the last run: Code:
[22:52:08] Because of the change(s) the file properties checks may give some false-positive results. Code:
[22:52:08] You may need to re-run rkhunter with the '--propupd' option. |
All times are GMT -5. The time now is 10:39 PM. |