rkhunter

Post by pupiddo »

Running sudo rkhunter -c gives me only this warning.

Scanning for hidden files...-e                                [ Warning! ]
---------------
/dev/.static
/dev/.udev
/dev/.initramfs
/dev/.initramfs-tools /etc/.pwd.lock
/etc/.bash_aliases
/etc/.java

What should I do? How can I dig deeper? Or should I just let it go? They look like harmless files to me... or not?
Last edited by pupiddo on Saturday 3 March 2007, 18:22; edited 1 time in total.
Be careful what you wish for... because you might get it!
Post by Volans »

Yes, these are usually false positives, but check them anyway, you never know...
You can tell rkhunter to ignore them so that it doesn't give you the warning.
To do that, just add the paths of the directories to the /etc/rkhunter.conf file, in the "Allow hidden directory" section.

You can also have a look at the Rootkit Hunter FAQ, question B4...
Volans
Before posting, read the Guides, then check whether there is a HowTo in the Wiki and search the Forum!
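One way to combine the two steps from the reply above (check each path, then whitelist it), as an added example that is not part of the thread: the function prints an rkhunter.conf line only for a hidden path that is a plain directory or regular file, has the expected owner and is not group- or world-writable, and prints REVIEW for everything else. The function name is hypothetical, GNU stat is assumed, and ALLOWHIDDENDIR / ALLOWHIDDENFILE should be checked against the commented examples in the installed /etc/rkhunter.conf.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (stat -c).
# Usage: triage_hidden EXPECTED_UID PATH...   (EXPECTED_UID is 0 on a real system)
triage_hidden() {
    expected_uid=$1
    shift
    for p in "$@"; do
        if [ -L "$p" ]; then
            # A symlink can point anywhere: never whitelist it blindly.
            echo "REVIEW $p (symlink)"
        elif [ ! -e "$p" ]; then
            echo "REVIEW $p (missing)"
        elif [ ! -d "$p" ] && [ ! -f "$p" ]; then
            echo "REVIEW $p (not a regular file or directory)"
        elif [ "$(stat -c '%u' "$p")" != "$expected_uid" ]; then
            echo "REVIEW $p (owner uid $(stat -c '%u' "$p"))"
        else
            perms=$(stat -c '%A' "$p")      # e.g. drwxr-xr-x
            case $perms in
                ?????w*|????????w*)         # group or other write bit set
                    echo "REVIEW $p (group- or world-writable: $perms)" ;;
                d*) echo "ALLOWHIDDENDIR=$p" ;;
                *)  echo "ALLOWHIDDENFILE=$p" ;;
            esac
        fi
    done
}

# Run as: sh triage.sh /dev/.udev /etc/.java ...
if [ $# -gt 0 ]; then
    triage_hidden 0 "$@"
fi
```

Only the ALLOWHIDDEN lines are candidates for /etc/rkhunter.conf; every REVIEW line is a path to inspect by hand first.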
Post by pupiddo »

Volans wrote: Yes, these are usually false positives, but check them anyway, you never know...
I wouldn't know how to do that... for example, there are block devices (a permission I had never seen before), such as in here:

Code:

 ll /dev/.static/dev
totale 8
lrwxrwxrwx 1 root root          11 2006-11-01 20:36 core -> /proc/kcore
lrwxrwxrwx 1 root root          13 2006-11-01 20:36 MAKEDEV -> /sbin/MAKEDEV
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 ram -> ram1
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr0 -> scd0
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr1 -> scd1
lrwxrwxrwx 1 root root           5 2006-11-01 20:36 sr10 -> scd10
lrwxrwxrwx 1 root root           5 2006-11-01 20:36 sr11 -> scd11
lrwxrwxrwx 1 root root           5 2006-11-01 20:36 sr12 -> scd12
lrwxrwxrwx 1 root root           5 2006-11-01 20:36 sr13 -> scd13
lrwxrwxrwx 1 root root           5 2006-11-01 20:36 sr14 -> scd14
lrwxrwxrwx 1 root root           5 2006-11-01 20:36 sr15 -> scd15
lrwxrwxrwx 1 root root           5 2006-11-01 20:36 sr16 -> scd16
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr2 -> scd2
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr3 -> scd3
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr4 -> scd4
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr5 -> scd5
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr6 -> scd6
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr7 -> scd7
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr8 -> scd8
lrwxrwxrwx 1 root root           4 2006-11-01 20:36 sr9 -> scd9
crw-rw---- 1 root lp       99,   0 2006-10-25 16:08 parport0
crw-rw---- 1 root lp       99,   1 2006-10-25 16:08 parport1
crw-rw---- 1 root lp       99,   2 2006-10-25 16:08 parport2
crw-rw---- 1 root disk    171,   0 2006-10-25 16:08 raw1394
brw-rw---- 1 root cdrom    11,  15 2006-10-25 16:08 scd15
brw-rw---- 1 root cdrom    11,  16 2006-10-25 16:08 scd16
brw-rw---- 1 root cdrom    11,   0 2006-10-25 16:08 scd0
brw-rw---- 1 root cdrom    11,   1 2006-10-25 16:08 scd1
brw-rw---- 1 root cdrom    11,  10 2006-10-25 16:08 scd10
brw-rw---- 1 root cdrom    11,  11 2006-10-25 16:08 scd11
brw-rw---- 1 root cdrom    11,  12 2006-10-25 16:08 scd12
brw-rw---- 1 root cdrom    11,  13 2006-10-25 16:08 scd13
brw-rw---- 1 root cdrom    11,  14 2006-10-25 16:08 scd14
brw-rw---- 1 root cdrom    11,   2 2006-10-25 16:08 scd2
brw-rw---- 1 root cdrom    11,   3 2006-10-25 16:08 scd3
brw-rw---- 1 root cdrom    11,   4 2006-10-25 16:08 scd4
brw-rw---- 1 root cdrom    11,   5 2006-10-25 16:08 scd5
brw-rw---- 1 root cdrom    11,   6 2006-10-25 16:08 scd6
brw-rw---- 1 root cdrom    11,   7 2006-10-25 16:08 scd7
brw-rw---- 1 root cdrom    11,   8 2006-10-25 16:08 scd8
brw-rw---- 1 root cdrom    11,   9 2006-10-25 16:08 scd9
crw------- 1 root root     21,   0 2006-10-25 16:08 sg0
crw------- 1 root root     21,   1 2006-10-25 16:08 sg1
crw------- 1 root root     21,  10 2006-10-25 16:08 sg10
crw------- 1 root root     21,  11 2006-10-25 16:08 sg11
crw------- 1 root root     21,  12 2006-10-25 16:08 sg12
crw------- 1 root root     21,  13 2006-10-25 16:08 sg13
crw------- 1 root root     21,  14 2006-10-25 16:08 sg14
crw------- 1 root root     21,  15 2006-10-25 16:08 sg15
crw------- 1 root root     21,  16 2006-10-25 16:08 sg16
crw------- 1 root root     21,   2 2006-10-25 16:08 sg2
crw------- 1 root root     21,   3 2006-10-25 16:08 sg3
crw------- 1 root root     21,   4 2006-10-25 16:08 sg4
crw------- 1 root root     21,   5 2006-10-25 16:08 sg5
crw------- 1 root root     21,   6 2006-10-25 16:08 sg6
crw------- 1 root root     21,   7 2006-10-25 16:08 sg7
crw------- 1 root root     21,   8 2006-10-25 16:08 sg8
crw------- 1 root root     21,   9 2006-10-25 16:08 sg9
crw-rw---- 1 root dialout 217,   0 2006-10-25 16:08 ccub0
crw-rw---- 1 root dialout 217,   1 2006-10-25 16:08 ccub1
crw-rw---- 1 root dialout 217,   2 2006-10-25 16:08 ccub2
crw-rw---- 1 root dialout 217,   3 2006-10-25 16:08 ccub3
crw-rw---- 1 root dialout 216,  23 2006-10-25 16:08 rfcomm23
crw-rw---- 1 root dialout 216,  24 2006-10-25 16:08 rfcomm24
crw-rw---- 1 root dialout 216,  25 2006-10-25 16:08 rfcomm25
crw-rw---- 1 root dialout 216,  26 2006-10-25 16:08 rfcomm26
crw-rw---- 1 root dialout 216,  27 2006-10-25 16:08 rfcomm27
crw-rw---- 1 root dialout 216,  28 2006-10-25 16:08 rfcomm28
crw-rw---- 1 root dialout 216,  29 2006-10-25 16:08 rfcomm29
crw-rw---- 1 root dialout 216,  30 2006-10-25 16:08 rfcomm30
crw-rw---- 1 root dialout 216,  31 2006-10-25 16:08 rfcomm31
crw-rw---- 1 root dialout 216,   0 2006-10-25 16:08 ttyUB0
crw-rw---- 1 root dialout 216,   1 2006-10-25 16:08 ttyUB1
crw-rw---- 1 root dialout 216,   2 2006-10-25 16:08 ttyUB2
crw-rw---- 1 root dialout 216,   3 2006-10-25 16:08 ttyUB3
crw-rw---- 1 root dialout  10, 250 2006-10-25 16:08 vhci
crw-rw---- 1 root dialout 216,   0 2006-10-25 16:08 rfcomm0
crw-rw---- 1 root dialout 216,   1 2006-10-25 16:08 rfcomm1
crw-rw---- 1 root dialout 216,  10 2006-10-25 16:08 rfcomm10
crw-rw---- 1 root dialout 216,  11 2006-10-25 16:08 rfcomm11
crw-rw---- 1 root dialout 216,  12 2006-10-25 16:08 rfcomm12
crw-rw---- 1 root dialout 216,  13 2006-10-25 16:08 rfcomm13
crw-rw---- 1 root dialout 216,  14 2006-10-25 16:08 rfcomm14
crw-rw---- 1 root dialout 216,  15 2006-10-25 16:08 rfcomm15
crw-rw---- 1 root dialout 216,  16 2006-10-25 16:08 rfcomm16
crw-rw---- 1 root dialout 216,  17 2006-10-25 16:08 rfcomm17
crw-rw---- 1 root dialout 216,  18 2006-10-25 16:08 rfcomm18
crw-rw---- 1 root dialout 216,  19 2006-10-25 16:08 rfcomm19
crw-rw---- 1 root dialout 216,   2 2006-10-25 16:08 rfcomm2
crw-rw---- 1 root dialout 216,  20 2006-10-25 16:08 rfcomm20
crw-rw---- 1 root dialout 216,  21 2006-10-25 16:08 rfcomm21
crw-rw---- 1 root dialout 216,  22 2006-10-25 16:08 rfcomm22
crw-rw---- 1 root dialout 216,   3 2006-10-25 16:08 rfcomm3
crw-rw---- 1 root dialout 216,   4 2006-10-25 16:08 rfcomm4
crw-rw---- 1 root dialout 216,   5 2006-10-25 16:08 rfcomm5
crw-rw---- 1 root dialout 216,   6 2006-10-25 16:08 rfcomm6
crw-rw---- 1 root dialout 216,   7 2006-10-25 16:08 rfcomm7
crw-rw---- 1 root dialout 216,   8 2006-10-25 16:08 rfcomm8
crw-rw---- 1 root dialout 216,   9 2006-10-25 16:08 rfcomm9
crw-rw---- 1 root root     10, 134 2006-10-25 16:08 apm_bios
crw-rw---- 1 root dip     108,   0 2006-10-25 16:08 ppp
crw------- 1 root root     89,   0 2006-10-25 16:07 i2c-0
crw------- 1 root root     89,   1 2006-10-25 16:07 i2c-1
crw------- 1 root root     89,   2 2006-10-25 16:07 i2c-2
crw------- 1 root root     89,   3 2006-10-25 16:07 i2c-3
crw------- 1 root root     89,   4 2006-10-25 16:07 i2c-4
crw------- 1 root root     89,   5 2006-10-25 16:07 i2c-5
crw------- 1 root root     89,   6 2006-10-25 16:07 i2c-6
crw------- 1 root root     89,   7 2006-10-25 16:07 i2c-7
prw-r----- 1 root adm            0 2006-10-25 16:03 xconsole
drwxr-xr-x 2 root root        4096 2006-10-25 16:03 pts
drwxr-xr-x 2 root root        4096 2006-10-25 16:03 shm
crw-rw---- 1 root video    10, 175 2006-10-25 16:03 agpgart
crw-rw---- 1 root audio    14,   4 2006-10-25 16:03 audio
crw-rw---- 1 root audio    14,  20 2006-10-25 16:03 audio1
crw-rw---- 1 root audio    14,  36 2006-10-25 16:03 audio2
crw-rw---- 1 root audio    14,  52 2006-10-25 16:03 audio3
crw-rw---- 1 root audio    14,   7 2006-10-25 16:03 audioctl
crw-rw---- 1 root audio    14,   3 2006-10-25 16:03 dsp
crw-rw---- 1 root audio    14,  19 2006-10-25 16:03 dsp1
crw-rw---- 1 root audio    14,  35 2006-10-25 16:03 dsp2
crw-rw---- 1 root audio    14,  51 2006-10-25 16:03 dsp3
crw-rw---- 1 root audio    35,   0 2006-10-25 16:03 midi0
crw-rw---- 1 root audio    14,   2 2006-10-25 16:03 midi00
crw-rw---- 1 root audio    14,  18 2006-10-25 16:03 midi01
crw-rw---- 1 root audio    14,  34 2006-10-25 16:03 midi02
crw-rw---- 1 root audio    14,  50 2006-10-25 16:03 midi03
crw-rw---- 1 root audio    35,   1 2006-10-25 16:03 midi1
crw-rw---- 1 root audio    35,   2 2006-10-25 16:03 midi2
crw-rw---- 1 root audio    35,   3 2006-10-25 16:03 midi3
crw-rw---- 1 root audio    14,   0 2006-10-25 16:03 mixer
crw-rw---- 1 root audio    14,  16 2006-10-25 16:03 mixer1
crw-rw---- 1 root audio    14,  32 2006-10-25 16:03 mixer2
crw-rw---- 1 root audio    14,  48 2006-10-25 16:03 mixer3
crw-rw---- 1 root audio    31,   0 2006-10-25 16:03 mpu401data
crw-rw---- 1 root audio    31,   1 2006-10-25 16:03 mpu401stat
crw-rw---- 1 root audio    35,  64 2006-10-25 16:03 rmidi0
crw-rw---- 1 root audio    35,  65 2006-10-25 16:03 rmidi1
crw-rw---- 1 root audio    35,  66 2006-10-25 16:03 rmidi2
crw-rw---- 1 root audio    35,  67 2006-10-25 16:03 rmidi3
crw-rw---- 1 root audio    14,   1 2006-10-25 16:03 sequencer
crw-rw---- 1 root audio    35, 128 2006-10-25 16:03 smpte0
crw-rw---- 1 root audio    35, 129 2006-10-25 16:03 smpte1
crw-rw---- 1 root audio    35, 130 2006-10-25 16:03 smpte2
crw-rw---- 1 root audio    35, 131 2006-10-25 16:03 smpte3
crw-rw---- 1 root audio    14,   6 2006-10-25 16:03 sndstat
crw------- 1 root tty       4,   5 2006-10-25 16:03 tty5
crw------- 1 root tty       4,   6 2006-10-25 16:03 tty6
crw------- 1 root tty       4,   7 2006-10-25 16:03 tty7
crw------- 1 root tty       4,   8 2006-10-25 16:03 tty8
crw------- 1 root tty       4,   9 2006-10-25 16:03 tty9
crw------- 1 root tty       5,   1 2006-10-25 16:03 console
crw------- 1 root tty       4,   0 2006-10-25 16:03 tty0
crw------- 1 root tty       4,   1 2006-10-25 16:03 tty1
crw------- 1 root tty       4,   2 2006-10-25 16:03 tty2
crw------- 1 root tty       4,   3 2006-10-25 16:03 tty3
crw------- 1 root tty       4,   4 2006-10-25 16:03 tty4
crw-rw-rw- 1 root root      1,   7 2006-10-25 16:03 full
crw-r----- 1 root kmem      1,   2 2006-10-25 16:03 kmem
brw-rw---- 1 root disk      7,   0 2006-10-25 16:03 loop0
brw-rw---- 1 root disk      7,   1 2006-10-25 16:03 loop1
brw-rw---- 1 root disk      7,   2 2006-10-25 16:03 loop2
brw-rw---- 1 root disk      7,   3 2006-10-25 16:03 loop3
brw-rw---- 1 root disk      7,   4 2006-10-25 16:03 loop4
brw-rw---- 1 root disk      7,   5 2006-10-25 16:03 loop5
brw-rw---- 1 root disk      7,   6 2006-10-25 16:03 loop6
brw-rw---- 1 root disk      7,   7 2006-10-25 16:03 loop7
crw-r----- 1 root kmem      1,   1 2006-10-25 16:03 mem
crw-rw-rw- 1 root root      1,   3 2006-10-25 16:03 null
crw-r----- 1 root kmem      1,   4 2006-10-25 16:03 port
brw-rw---- 1 root disk      1,   0 2006-10-25 16:03 ram0
brw-rw---- 1 root disk      1,   1 2006-10-25 16:03 ram1
brw-rw---- 1 root disk      1,  10 2006-10-25 16:03 ram10
brw-rw---- 1 root disk      1,  11 2006-10-25 16:03 ram11
brw-rw---- 1 root disk      1,  12 2006-10-25 16:03 ram12
brw-rw---- 1 root disk      1,  13 2006-10-25 16:03 ram13
brw-rw---- 1 root disk      1,  14 2006-10-25 16:03 ram14
brw-rw---- 1 root disk      1,  15 2006-10-25 16:03 ram15
brw-rw---- 1 root disk      1,  16 2006-10-25 16:03 ram16
brw-rw---- 1 root disk      1,   2 2006-10-25 16:03 ram2
brw-rw---- 1 root disk      1,   3 2006-10-25 16:03 ram3
brw-rw---- 1 root disk      1,   4 2006-10-25 16:03 ram4
brw-rw---- 1 root disk      1,   5 2006-10-25 16:03 ram5
brw-rw---- 1 root disk      1,   6 2006-10-25 16:03 ram6
brw-rw---- 1 root disk      1,   7 2006-10-25 16:03 ram7
brw-rw---- 1 root disk      1,   8 2006-10-25 16:03 ram8
brw-rw---- 1 root disk      1,   9 2006-10-25 16:03 ram9
crw-rw-rw- 1 root root      1,   8 2006-10-25 16:03 random
crw-rw-rw- 1 root tty       5,   0 2006-10-25 16:03 tty
cr--r--r-- 1 root root      1,   9 2006-10-25 16:03 urandom
crw-rw-rw- 1 root root      1,   5 2006-10-25 16:03 zero
crw-rw-rw- 1 root tty       5,   2 2006-10-12 12:36 ptmx
What checks would you suggest?

(By the way, I don't know what that c at the start of the permissions means, and I don't have much time to investigate right now :'()
Be careful what you wish for... because you might get it!
Post by Volans »

It's normal to have a long list in that directory, but I couldn't tell you whether they are all in order or not.
For the details of the file and permission notation you can look here:
Wikipedia.org: File_system_permissions
Volans
Before posting, read the Guides, then check whether there is a HowTo in the Wiki and search the Forum!
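A check of the kind asked about in this thread, run over an `ls -l` listing like the one posted, as an added example that is not part of any post. The first character of the mode string is the file type (`c` character device, `b` block device, `l` symlink, `d` directory, `p` FIFO, `-` regular file); the script flags regular files in a device tree, well-known nodes whose major,minor pair differs from the standard Linux numbers, and block or memory devices open to everyone. The function names and the tampered sample lines are constructed, and the field positions assume the date format shown in the listing.

```shell
#!/bin/sh
# Added example, not from the thread: audit an `ls -l` listing of a /dev tree.
audit_dev_listing() {
    awk '
    BEGIN {
        # Standard Linux numbers; they match the nodes in the posted listing.
        want["null"] = "1,3";   want["zero"] = "1,5";    want["full"] = "1,7"
        want["random"] = "1,8"; want["urandom"] = "1,9"
        want["mem"] = "1,1";    want["kmem"] = "1,2";    want["port"] = "1,4"
    }
    {
        type  = substr($1, 1, 1)   # file type character
        other = substr($1, 8, 2)   # read/write bits for "other"
        name  = $NF
    }
    type == "-" { print "FLAG regular file in device tree: " name; next }
    type != "c" && type != "b" { next }   # links, dirs, FIFOs, "totale" line
    {
        major = $5; sub(/,$/, "", major); id = major "," $6
        if (name in want && (type != "c" || id != want[name]))
            print "FLAG " name " is " type " " id ", expected c " want[name]
        if (other ~ /[rw]/ && (type == "b" || name ~ /^(mem|kmem|port)$/))
            print "FLAG " name " is readable or writable by everyone: " $1
    }'
}

# Constructed sample: the first four lines are as in the posted listing,
# the last three (ram0, zero, ptyq) are made-up anomalies.
sample_listing() {
    cat <<'EOF'
totale 8
crw-rw-rw- 1 root root      1,   3 2006-10-25 16:03 null
crw-r----- 1 root kmem      1,   2 2006-10-25 16:03 kmem
brw-rw---- 1 root disk      7,   0 2006-10-25 16:03 loop0
brw-rw-rw- 1 root disk      1,   0 2006-10-25 16:03 ram0
crw-rw-rw- 1 root root      1,   1 2006-10-25 16:03 zero
-rwxr-xr-x 1 root root   18432 2006-10-25 16:03 ptyq
EOF
}

sample_listing | audit_dev_listing
```

On a live system the same function can read `ls -l --time-style=long-iso /dev/.static/dev` (GNU ls) instead of the sample.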