Skip to main content
cPanel Technical Support has been heavily impacted by hurricane Beryl and our ability to respond to tickets has been hindered as a result. We appreciate your understanding and patience as we address these delays.

RKhunter - Warning: Suspicious file types found in /dev:

Comments

3 comments

  • cPRex Jurassic Moderator
    Hey there! This just means that rkhunter thinks files without line terminators could be potential malicious code. It's important to note that rkhunter hasn't been updated since 2018, as we can see the last stable release was 20 Feb 2018: The Rootkit Hunter project Since that is the case, I wouldn't recommend that as a reliable tool to detect things properly on a system 5 years later. The best thing to do would be to check any files it flags and make sure they don't look like malicious code.
    0
  • 3awh
    Hey there! This just means that rkhunter thinks files without line terminators could be potential malicious code. It's important to note that rkhunter hasn't been updated since 2018, as we can see the last stable release was 20 Feb 2018: ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz wget ftp://ftp.chkrootkit.org/pub/seg/pac/chkrootkit.tar.gz Do you or anyone else know if this one is dead also?
    0
  • vanessa
    All of those rootkit hunters are generally pointless. Rootkits can be easily modified, and those kits only look for specific things based on the original signatures of certain root kits. With that said, I had no problem downloading from chkrootkit -- locally checks for signs of a rootkit.
    0

Please sign in to leave a comment.