Bug#576680: rkhunter: Bug still exists

Fri, 30 Apr 2010 14:36:18 -0700 

Package: rkhunter
Version: 1.3.6-4
Severity: normal

I installed rkhunter, did 'rkhunter --check' and got two warnings. Here are the 
relevant entries from the log.

[23:05:11] Warning: Checking for possible rootkit strings    [ Warning ]
[23:05:11]          Found string 'hdparm' in file '/etc/init.d/hdparm'. 
Possible rootkit: Xzibit Rootkit
[23:05:11]          Found string 'hdparm' in file '/etc/init.d/.depend.boot'. 
Possible rootkit: Xzibit Rootkit
[23:05:29]   Checking for hidden files and directories       [ Warning ]
[23:05:29] Warning: Hidden directory found: /etc/.java
[23:05:29] Warning: Hidden directory found: /dev/.udev
[23:05:29] Warning: Hidden directory found: /dev/.initramfs

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rkhunter depends on:
ii  binutils                      2.20.1-8   The GNU assembler, linker and bina
ii  debconf [debconf-2.0]         1.5.32     Debian configuration management sy
ii  exim4                         4.71-4     metapackage to ease Exim MTA (v4) 
ii  exim4-daemon-light [mail-tran 4.71-4     lightweight Exim MTA (v4) daemon
ii  file                          5.04-2     Determines file type using "magic"
ii  net-tools                     1.60-23    The NET-3 networking toolkit
ii  perl                          5.10.1-12  Larry Wall's Practical Extraction 

Versions of packages rkhunter recommends:
ii  curl                       7.20.1-2      Get a file from an HTTP, HTTPS or 
ii  iproute                    20100224-5    networking and traffic control too
ii  lsof                       4.81.dfsg.1-1 List open files
ii  perl [libdigest-sha-perl]  5.10.1-12     Larry Wall's Practical Extraction 
ii  unhide                     20100201-1    Forensic tool to find hidden proce
ii  wget                       1.12-2        retrieves files from the web

Versions of packages rkhunter suggests:
ii  bsd-mailx          8.1.2-0.20100314cvs-1 simple mail user agent
pn  tripwire           <none>                (no description available)

-- debconf information:
  rkhunter/apt_autogen: false
  rkhunter/cron_db_update:
  rkhunter/cron_daily_run:



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to