rkhunter "debugging" howto

sudo apt-get install rkhunter

sudo rkhunter --propupd

sudo rkhunter --versioncheck

sudo rkhunter --checkall

/usr/bin/mail

/usr/bin/bsd/mail-x

checking /dev for susp. files

checking hidden files and direct

/usr/bin/lwp-request

Warning: Hidden directory found: /dev/.static

Warning: Hidden directory found: /dev/.udev

Warning: Hidden directory found: /dev/.initramfs

To avoid these warnings, you can reconfigure rkhunter to whitelist these directories. Edit the rkhunter.conf file (gedit /etc/rkhunter.conf) and remove the # in front of these lines:

#ALLOWHIDDENDIR=/dev/.udev

#ALLOWHIDDENDIR=/dev/.static

#ALLOWHIDDENDIR=/dev/.initramfs

so that they read:

ALLOWHIDDENDIR=/dev/.udev

ALLOWHIDDENDIR=/dev/.static

ALLOWHIDDENDIR=/dev/.initramfs

Un-comment the related ALLOWHIDDENDIR and ALLOWHIDDENFILE lines.
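
The un-commenting step above can be limited to the directories rkhunter actually warned about, so that no other commented entry gets enabled and any warned directory without a ready-made entry is listed for inspection instead of being whitelisted. This is an added example, not part of the original page or of rkhunter itself. The function names, the log and config contents in demo(), and the path /dev/.unreviewed are constructed for illustration.

```shell
#!/bin/sh
# Added example; the log and config contents in demo() are constructed samples.

# Print each path named in a "Hidden directory found" warning in log file $1.
hidden_dirs_from_log() {
    sed -n 's|^.*Warning: Hidden directory found: \(/[^ :]*\).*$|\1|p' "$1" | sort -u
}

# Print config $1 with "#ALLOWHIDDENDIR=<dir>" un-commented for each dir listed
# in file $2. Every other line, including other commented entries, is unchanged.
enable_allowhiddendir() {
    awk 'FILENAME == ARGV[1] { want[$0] = 1; next }
         { line = $0
           if (sub(/^#[ \t]*ALLOWHIDDENDIR=/, "", line) && (line in want))
               print "ALLOWHIDDENDIR=" line
           else
               print $0 }' "$2" "$1"
}

# Print dirs from file $2 that have no ALLOWHIDDENDIR line in config $1 at all.
missing_entries() {
    while IFS= read -r d; do
        grep -Fxq -e "ALLOWHIDDENDIR=$d" -e "#ALLOWHIDDENDIR=$d" "$1" || printf '%s\n' "$d"
    done < "$2"
}

demo() {
    tmp=$(mktemp -d) || return 1
    # Constructed warnings in the format shown on this page.
    printf 'Warning: Hidden directory found: %s\n' \
        /dev/.static /dev/.udev /dev/.initramfs /dev/.unreviewed > "$tmp/log"
    # Constructed config fragment with every entry still commented out.
    printf '#ALLOWHIDDENDIR=%s\n' \
        /etc/.java /dev/.udev /dev/.static /dev/.initramfs > "$tmp/conf"
    hidden_dirs_from_log "$tmp/log" > "$tmp/dirs"
    echo "== proposed config =="
    enable_allowhiddendir "$tmp/conf" "$tmp/dirs"
    echo "== warned, but no entry to un-comment (inspect before adding) =="
    missing_entries "$tmp/conf" "$tmp/dirs"
    rm -rf "$tmp"
}
demo
```

The script only prints the proposed configuration; compare it with /etc/rkhunter.conf before replacing anything.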

RKhunter (last edited 2011-10-28 04:57:06 by 50-35-176-190)