LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page RKhunter warning about hidden files.
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-02-2007, 07:09 PM   #1
gonus
Member
 
Registered: Apr 2002
Location: Huntsville, Alabama
Distribution: Ubuntu 9.04
Posts: 445

Rep: Reputation: 30
RKhunter warning about hidden files.

* Filesystem checks
Checking /dev for suspicious files... -e [ OK ]
Scanning for hidden files...-e [ Warning! ]
---------------
/dev/.static
/dev/.udev
/dev/.initramfs
/dev/.initramfs-tools /etc/.pwd.lock
/etc/.java
---------------
Please inspect: /dev/.static (directory) /dev/.udev (directory) /dev/.initramfs (directory) /etc/.java (directory)

[Press <ENTER> to continue]

Uber noob to linux security. What should I be looking for? I appreciate any responses.

G
 
Old 05-02-2007, 07:26 PM   #2
Okie
Senior Member
 
Registered: Mar 2002
Location: Oklahoma
Posts: 1,154

Rep: Reputation: 187Reputation: 187
nothing to worry about, it wont hurt to read the contents of those files just in case, but i doubt there is anything wrong with having those files, (they are probably supposed to be there so don't delete them)...
 
Old 05-02-2007, 07:59 PM   #3
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141

Rep: Reputation: 168Reputation: 168
As Okie says, inspect the directories to see whether there is anything suspicious in there. If you're not sure, then ask here with some info about what you found. Once you're satisfied there's no problem with those directories you can add them to the rkhunter.conf file (/usr/local/etc/rkhunter.conf on my system). Here are the ALLOWHIDDENDIR entries on my system:
Code:
ALLOWHIDDENDIR=/etc/.java
ALLOWHIDDENDIR=/etc/.pwd.lock
ALLOWHIDDENDIR=/dev/.udev.tdb
ALLOWHIDDENDIR=/dev/.udev
 
Old 05-03-2007, 10:27 AM   #4
gonus
Member
 
Registered: Apr 2002
Location: Huntsville, Alabama
Distribution: Ubuntu 9.04
Posts: 445

Original Poster
Rep: Reputation: 30
Thanx guys I was getting nervous.

G
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
rkhunter displaying warning message Michael_aust Linux - Newbie 4 04-30-2006 05:24 PM
Hidden Files coold8 Linux - General 5 04-27-2005 11:26 PM
home directory files gone, hidden files remain Grasshopper Linux - Security 12 04-10-2005 08:23 PM
Hidden files warning Chiel Linux - Security 3 11-15-2004 12:28 PM
Getting Warning during rkhunter? BajaNick Linux - Security 8 09-12-2004 08:34 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:27 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration