On Monday 28 May 2007 12:17, Jim Flanagan wrote:
Hi all,
On my new reinstall of openSuse10.2, I installed rkhunter 1. 28 and updated thru the command line.
When I run it in command line, it reports no errors. But when it runs its daily run, it reports the following 2 errors in root email....
---------- Please inspect this machine, because it can be infected ------------
----------- running daily cronjob scripts
SCRIPT: suse.de-rkhunter exited with RETURNCODE = 1. SCRIPT: output (stdout && stderr) follows
Line: Watch out Root login possible. Possible risk! Some errors has been found while checking. Please perform a manual check on this machine ziggy SCRIPT: suse.de-rkhunter ------- END OF OUTPUT
SCRIPT: output (stdout && stderr) follows
Laying out /etc/preload.d/Firefox Laying out /etc/preload.d/Gimp Laying out /etc/preload.d/Khelpcenter Laying out /etc/preload.d/Mozilla Laying out /etc/preload.d/OpenOffice Laying out /etc/preload.d/boot Laying out /etc/preload.d/cups Laying out /etc/preload.d/gdm Laying out /etc/preload.d/kde Laying out /etc/preload.d/kde.early Laying out /etc/preload.d/kdm Laying out /etc/preload.d/kdm.auto Laying out /etc/preload.d/later SCRIPT: suse.de-update-preload ------- END OF OUTPUT --------------------
Can anyone interpret this for me. I'm at a loss here. I do not get any errors or bad reports when I run rkhunter in command line. But these emails keep coming once a day.
Hi Jim, I once use rkhunter too, and I don't see any error in your email.
Line: Watch out Root login possible. Possible risk! It means that your ssh still allows root to login. For better security, we need to disable root login in ssh, by editing /etc/ssh/sshd_config, PermitRootLogin no.
Some errors has been found while checking. Please perform a manual check on this machine ziggy This is I don't now.
-- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 2:31pm up 2:27, 2.6.18.2-34-default GNU/Linux Let's use OpenOffice. http://www.openoffice.org