Mailinglist Archive: opensuse (4633 mails)

< Previous Next >
[opensuse] Re: [opensuse-security] Security report from rkhunter on default install of openSUSE 10.2
  • From: John Andersen <jsa@xxxxxxxxxxxxxx>
  • Date: Tue, 26 Dec 2006 20:04:34 -0900
  • Message-id: <200612262004.35434.jsa@xxxxxxxxxxxxxx>
On Tuesday 26 December 2006 14:03, Pavel Chalupa wrote:
> Hi,
> is there anybody who can explain the security report generated by rkhunter?
>
> At first: default install includes SSHD with remote root login allow, all
> users remote login allowed, SSH protocol 1 allowed... during install is SSH
> disallowed, but SSHD runnig after install...
>
> At second: after some online updates, I tried to run rkhunter and its
> reporting invisible /dev/tmpblablabla... and some two other files
> corresponding with this one... this was too confusing and I killed this by
> command rm /dev/tmpblabla... I have no idea what it was, but rkhunter
> reported that system is infected... I have no backup of this, but the
> machine still runnig and I can make some investigation, but I don't know
> how to do it.

Pavel, Please...

Step away from the keyboard.

Do not go deleting things till you know what you are doing.

Do not worry about ssh, it is a secure protocol.

Run to your nearest book store and buy a book about getting
started in linux, before you start worrying about security.

SUSE installs very securely, so there is no point in running
rkhunter till you understand the situation a little more. Linux
is not like Windows, where the first thing you have to do is
install a antivirus.



--
_____________________________________
John Andersen
< Previous Next >
This Thread
  • No further messages