LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-27-2010, 10:40 PM   #1
Amdx2_x64
Member
 
Registered: Jun 2008
Distribution: Left LQ. Mods are too Rude!
Posts: 598

Rep: Reputation: 50
Three new Rkhunter warnings...


I just installed Debian Squeeze yesterday, with Gnome. I also installed XFCE and noticed the following after I ran rkhunter (chkrootkit came back fine.) Should I worry or is it probably just something that goes along with XFCE maybe?

Quote:
[23:32:34] Checking for string 'hdparm' [ Warning ]

[23:32:35] Found string 'hdparm' in file '/etc/init.d/.depend.boot'. Possible rootkit: Xzibit Rootkit
[23:32:35] Found string 'hdparm' in file '/etc/init.d/hdparm'. Possible rootkit: Xzibit Rootkit
 
Old 10-27-2010, 10:45 PM   #2
joec@home
Member
 
Registered: Sep 2009
Location: Houston Tx
Posts: 89

Rep: Reputation: 29
As XFCE touts increased speed, the hdparm is for advanced hard drive tuning, and you stated the scan is directly after the install, most likely this is a false positive. This is a very good reason to understand the baseline of any diagnostic program. For example I like to use chkrootkit along side rkhunter, and if you ever run it on a cPanel box chkrootkit goes nuts!
 
1 members found this post helpful.
Old 10-27-2010, 10:48 PM   #3
Amdx2_x64
Member
 
Registered: Jun 2008
Distribution: Left LQ. Mods are too Rude!
Posts: 598

Original Poster
Rep: Reputation: 50
That is why I either research it and/or ask here rather then panicking. Anything is possible but I was thinking it was more likely that it had to do with XFCE, I just wasn't sure how. Now I know.

Thanks for the reply.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
rkhunter warnings or suspect files judoka Linux - Security 7 08-21-2010 08:30 AM
RKhunter question, Getting warnings for some directories. M$ISBS Linux - Security 8 03-05-2008 01:38 AM
rkhunter warnings adityavpratap Slackware 15 02-24-2007 07:11 AM
rkhunter warnings jantman Linux - Security 4 01-23-2007 02:39 PM


All times are GMT -5. The time now is 10:01 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration