LinuxQuestions.org


bhert 08-15-2008 07:45 PM

rootkit hunter shows warning messages
 
I installed Kubuntu alongside SUSE about a month ago. I installed rootkit for Kubuntu in the beginning and had cron run it daily.

I checked the log today and found something strange. Just about every file in /bin, /usr/bin, /sbin, /usr/sbin showed warning messages, but it won't tell me why they are shown.

Rkhunter file was not one of them.

I checked the owner, permissions, and the times for the files and didn't see any changes. rkhunter did not find any rootkits either.

Has this happened to anybody? Should I be worried? Thanks

-bhert

{BBI}Nexus{BBI} 08-15-2008 07:53 PM

The reason for the warnings is shown in the /var/log/rkhunter.log file. e.g.
Code:

[14:45:00] /usr/bin/whatis                                  [ Warning ]
[14:45:01] Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: Bourne shell script text executable
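
One way to pair each `[ Warning ]` result in /var/log/rkhunter.log with the explanation that follows it, and to group files by reason when nearly every binary is flagged (an added example, not part of the original thread). It assumes the log layout quoted above; the function names and all sample lines other than the two whatis lines are constructed.

```python
import re

# Constructed sample in the thread's log layout; only the whatis lines come from the post.
SAMPLE_LOG = """\
[14:44:58] /bin/ls                                          [ Warning ]
[14:44:58] Warning: The file properties have changed:
[14:44:58]          Current inode: 1234    Stored inode: 5678
[14:44:59] /usr/bin/wc                                      [ OK ]
[14:45:00] /usr/bin/whatis                                  [ Warning ]
[14:45:01] Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: Bourne shell script text executable
"""

LINE = re.compile(r"^\[\d\d:\d\d:\d\d\]\s?(.*)$")      # timestamp, then body
RESULT = re.compile(r"^\s*(/\S+)\s+\[ (.+?) \]\s*$")   # "<path>   [ Status ]"

def parse_warnings(text):
    """Return [(path, [explanation lines])] for each '[ Warning ]' result."""
    findings, current, in_reason = [], None, False
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                      # not a timestamped log line
        body = m.group(1)
        result = RESULT.match(body)
        if result:                        # a new per-file check result
            current, in_reason = None, False
            if result.group(2) == "Warning":
                current = []
                findings.append((result.group(1), current))
        elif body.startswith("Warning:") and current is not None:
            current.append(body[len("Warning:"):].strip())
            in_reason = True
        elif in_reason and body.startswith(" "):
            current.append(body.strip())  # indented detail of the reason
        else:
            in_reason = False
    return findings

def group_by_reason(findings):
    """Map a normalised reason (quoted path and details stripped) to its files."""
    groups = {}
    for path, lines in findings:
        first = lines[0] if lines else "(no explanation logged)"
        key = re.sub(r"'[^']*'", "<path>", first).split(":")[0].strip()
        groups.setdefault(key, []).append(path)
    return groups

if __name__ == "__main__":
    for reason, paths in group_by_reason(parse_warnings(SAMPLE_LOG)).items():
        print(f"{len(paths):4d}  {reason}: {', '.join(paths)}")
```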


bhert 08-17-2008 05:44 PM

Thanks for replying, Nexus. Aren't these files executables and scripts? How was it replaced? Updates maybe?

-bhert

bhert 08-20-2008 06:54 PM

The log also says that the inode properties of the files have been changed. I am not sure what that means.

-bhert

unSpawn 08-21-2008 12:34 PM

If you use tools it would be good to know what they can and can't do. So I'd suggest you read the docs that came with RKH. Those, and the comments in the rkhunter.conf, should give you an idea about most things. Then it would be easier to ask more specific questions that aren't answered already in the RKH mailing list archives and LQ fora.


All times are GMT -5.