Since yesterday i have this alert!
/etc/cron.daily/01-rkhunter:
Warning: File '/tmp/sess_e01e4ddd948bbc9161fa5b0cf7221dfe' (score: 286) contains some suspicious content and should be checked.
Warning: File '/tmp/hsperfdata_tomcat/4596' (score: 261) contains some suspicious content and should be checked.
Warning: File '/tmp/sess_9fb62bb504fdd88a4ccb6a283ba434c2' (score: 221) contains some suspicious content and should be checked.
Warning: Possible promiscuous interfaces:
'ifconfig' command output: UP BROADCAST RUNNING PROMISC ALLMULTI MULTICAST MTU:1500 Metric:1
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
'ip' command output: eth0
'ip' command output: tap0
Warning: Process '/sbin/pppoe' (PID 8226) is listening on the network.
Warning: Process '/sbin/pppoe' (PID 8226) is listening on the network.
Warning: The SSH and rkhunter configuration options should be the same:
SSH configuration option 'PermitRootLogin': yes
Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no
Warning: Suspicious file types found in /dev:
/dev/shm/suspscan.1136.strings: ASCII text, with very long lines
/dev/shm/suspscan.9857.strings: ASCII text, with very long lines
/dev/shm/suspscan.21927.strings: ASCII text, with very long lines
/dev/shm/suspscan.20268.strings: ASCII text, with very long lines
/dev/shm/suspscan.462.strings: ASCII text, with very long lines
Warning: Hidden directory found: /etc/.java
One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)
/etc/cron.daily/sa_update:
'spamassassin' is not a valid service nameDoes amyone can help me to solve that?
I did nothing on the server, no install, no remove before this alert came.
I have seen on the Ixus forum that i'm not the only one
http://forums.ixus.fr/viewtopic.php?t=39725dave
4 Replies
2443 Views