LinuxQuestions.org - chkrootkit - suspicious files and dirs

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - chkrootkit - suspicious files and dirs (https://www.linuxquestions.org/questions/linux-security-4/chkrootkit-suspicious-files-and-dirs-341419/)

chkrootkit - suspicious files and dirs

Here's a portion of the output from chkrootkit:

Quote:

...
Searching for RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
/usr/lib/j2se/1.4/jre/.systemPrefs /usr/lib/j2se/1.4/jre/.systemPrefs/.system.lock /usr/lib/j2se/1.4/jre/.systemPrefs/.systemRootModFile /usr/lib/blender/.Blanguages /usr/lib/blender/.bfont.ttf
/usr/lib/j2se/1.4/jre/.systemPrefs
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
...

Are the entries listed as "suspicious files and dirs" something I should be concerned about?

Not usually. Anything outside of the user home directories that has a filename beginning with a "." (aka a hidden file) is automatically flagged as suspicious by chkrootkit. For some reason alot of the java libs are named that way which is annoying but harmless. It's still a good idea to visually inspect these files though, just in case.