> -----Ursprüngliche Nachricht-----
Von: stakanov@freenet.de Gesendet: Di. 22.12.2015 17:29 An: opensuse , Betreff: [opensuse] Have I been hacked or visited? seccheck and rkhunter outputs
I get the following two separte messages by seccheck and rkhunter.
Rkhunter:
Warning: The file properties have changed: File: /usr/bin/rkhunter Current inode: 1458231 Stored inode: 1455628 Warning: The file '/usr/bin/ssh' exists on the system, but it is not present in the 'rkhunter.dat' file. Warning: The file '/usr/sbin/sshd' exists on the system, but it is not present in the 'rkhunter.dat' file. Warning: The file properties have changed: File: /etc/rkhunter.conf Current inode: 525324 Stored inode: 525329 Warning: The file '/etc/rkhunter.d/00-opensuse.conf' exists on the system, but it is not present in the 'rkhunter.dat' file. Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
Seccheck complains about:
Please note that these security checks are neither complete nor reliable. Any attacker with proper experience and root access to your system can deceive *any* security check!
Changes in your weekly security configuration of linux-ge2e:
Please check and perhaps disable the following unused accounts: Warning: user root has got a password and a valid shell but never logged in
Question: The latter could be because of sudo? Instead for ssh and sshd I do not have any explanation. It is deactivated on this system. Has there been an update that can cause this?
lastlog does not show anything special. Only local user did log in...at least following the log.
-----Ursprüngliche Nachricht Ende-----
Now, I found a lot of new fies of ssh authentication made the 14th december of this year. I never use ssh, I do not log in remotely to my notebook and up to now I had my peace of mind to disallow ssh root login and to change the port while having everything set to disabled. Now I have a question. Somebody who does not want to use "remote" at all. What can he do to un-install every remote package. The problem is that if you un-install openssh a lot of applications of kde seemed to complain. So I tried and un-installed it. But nothing happened. Why do I have all these dependencies for features that I do not use. Wouldn't it be better to put those in a pattern to install if needed instead of putting them into kde-base? What problem do I actually have if I do not have opensssh installed at all? To me it seems none. Even tor does not seem to rely on it. So why on normal desktop systems is there ssh, if by default it is de-activated. Wouldn't an active selection with usable defaults as option not be the better choice. Thanks for educating me. P.S. Merry Christmas to everybody and for who has the itch of "politically correctness" and feels bothered by it (somebody could be pastafari, or whatever else, I know, so: seasonal greetings to them. --- Alle Postfächer an einem Ort. Jetzt wechseln und E-Mail-Adresse mitnehmen! http://email.freenet.de/basic/Informationen -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org