Warning: Suspicious file types found in /dev?
Hi,
I get the following log several times a day, but I have no idea what I should do. I don't even know if this is good or bad information. I would really appreciate it if you guys could explain this to me and let me know how I could fix it.
Thanks, ameran
[ Rootkit Hunter version 1.4.2 ]
Checking rkhunter data files...
Checking file mirrors.dat [ No update ]
Checking file programs_bad.dat [ No update ]
Checking file backdoorports.dat [ No update ]
Checking file suspscan.dat [ No update ]
Checking file i18n/cn [ No update ]
Checking file i18n/de [ No update ]
Checking file i18n/en [ No update ]
Checking file i18n/tr [ No update ]
Checking file i18n/tr.utf8 [ No update ]
Checking file i18n/zh [ No update ]
Checking file i18n/zh.utf8 [ No update ]
[ Rootkit Hunter version 1.4.2 ]
File updated: searched for 172 files, found 147
Warning: The command '/usr/bin/GET' has been replaced by a script: /usr/bin/GET: a /usr/bin/perl -w script text executable
Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable
Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: POSIX shell script text executable
Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable
Warning: The SSH configuration option 'PermitRootLogin' has not been set.
The default value may be 'yes', to allow root access.
Warning: Suspicious file types found in /dev:
/dev/.udev/queue.bin: data
/dev/.udev/db/block:loop0: ASCII text
/dev/.udev/db/block:vdc: ASCII text
/dev/.udev/db/block:vda1: ASCII text
/dev/.udev/db/input:event0: ASCII text
/dev/.udev/db/input:js0: ASCII text
/dev/.udev/db/input:event3: ASCII text
/dev/.udev/db/input:event1: ASCII text
/dev/.udev/db/input:mouse1: ASCII text
/dev/.udev/db/input:mouse2: ASCII text
/dev/.udev/db/input:event4: ASCII text
/dev/.udev/db/input:event2: ASCII text
/dev/.udev/db/block:ram4: ASCII text
/dev/.udev/db/block:ram6: ASCII text
/dev/.udev/db/block:ram9: ASCII text
/dev/.udev/db/block:ram8: ASCII text
/dev/.udev/db/block:ram7: ASCII text
/dev/.udev/db/block:ram5: ASCII text
/dev/.udev/db/block:vdb: ASCII text
/dev/.udev/db/block:ram13: ASCII text
/dev/.udev/db/block:ram1: ASCII text
/dev/.udev/db/block:ram3: ASCII text
/dev/.udev/db/block:ram15: ASCII text
/dev/.udev/db/block:ram2: ASCII text
/dev/.udev/db/block:ram14: ASCII text
/dev/.udev/db/block:vda: ASCII text
/dev/.udev/db/block:ram11: ASCII text
/dev/.udev/db/block:ram12: ASCII text
/dev/.udev/db/block:ram10: ASCII text
/dev/.udev/db/block:ram0: ASCII text
/dev/.udev/db/block:loop7: ASCII text
/dev/.udev/db/block:loop4: ASCII text
/dev/.udev/db/block:loop1: ASCII text
/dev/.udev/db/block:loop2: ASCII text
/dev/.udev/db/block:loop6: ASCII text
/dev/.udev/db/block:loop5: ASCII text
/dev/.udev/db/block:loop3: ASCII text
/dev/.udev/db/usb:1-1: ASCII text
/dev/.udev/db/usb:usb1: ASCII text
/dev/.udev/db/serio:serio0: ASCII text
/dev/.udev/rules.d/99-root.rules: ASCII text
Warning: Hidden directory found: /dev/.mdadm
Warning: Hidden directory found: /dev/.udev
Warning: Hidden file found: /etc/.brand: ASCII text, with no line terminators
Warning: Hidden file found: /usr/share/man/man5/.k5login.5.gz: gzip compressed data, from Unix, max compression
Warning: Hidden file found: /usr/share/man/man5/.k5identity.5.gz: gzip compressed data, from Unix, max compression
Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
-
Hello :) You may find the following thread helpful: rkhunter false positive warnings. Thank you.