El Sábado, 20 de Octubre de 2007 19:00, bob.smith@xxxxxxxxxxx escribió: > > these are a mentioned in rkhunter: > > [19:20:07] /usr/bin/groups [ Warning ] > [19:20:07] Warning: The command '/usr/bin/groups' has been replaced by a > script: /usr/bin/groups: Bourne shell script text executable [[19:20:08] > /usr/bin/ldd [ Warning ] [19:20:08] > Warning: The command '/usr/bin/ldd' has been replaced by a script: > /usr/bin/ldd: Bourne shell script text executable [[19:20:11] > /usr/bin/whatis [ Warning ] [19:20:11] > Warning: The command '/usr/bin/whatis' has been replaced by a script: > /usr/bin/whatis: Bourne shell script text executable [[19:20:12] Warning: > The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: > Bourne-Again shell script text executable [19:20:12] /sbin/ifup > [ Warning ] [19:20:12] Warning: The command > '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell > script text executable [19:20:52] Info: Rkhunter option ALLOW_SSH_ROOT_USER > set to 'no'. > [19:20:52] Checking if SSH root access is allowed [ Warning ] > [19:20:52] Warning: The SSH configuration option 'PermitRootLogin' has not > been set. The default value may be 'yes', to allow root access. > [ Something strange in those script? Something that lead you to think you've a rootkit installed? -- Manuel Arostegui Ramirez. Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues.
