Hi, is there anybody who can explain the security report generated by rkhunter? At first: default install includes SSHD with remote root login allow, all users remote login allowed, SSH protocol 1 allowed... during install is SSH disallowed, but SSHD runnig after install... At second: after some online updates, I tried to run rkhunter and its reporting invisible /dev/tmpblablabla... and some two other files corresponding with this one... this was too confusing and I killed this by command rm /dev/tmpblabla... I have no idea what it was, but rkhunter reported that system is infected... I have no backup of this, but the machine still runnig and I can make some investigation, but I don't know how to do it. Does the second problem means, that openSUSE 10.2 has security hole in default install and fresh installation can be exploited remotly during/after online update, when making fresh install? Or one of the online repositories includes package with backdoor? Any suggestions? Pavel Chalupa