Koozali.org: home of the SME Server
Contribs.org Forums => General Discussion => Topic started by: janet on October 17, 2008, 01:16:35 AM
-
I received these messages in the daily rkhunter report.
A search of the forums & google did not find a conclusive answer.
Is this a problem, or a system occurrence that can be ignored ?
I have never seen these messages before.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Immediately following this entry was advice that a new user was added.
I checked and the new user was a valid entry made by a local admin user via user-manager.
htop shows that process (PID 24468) no longer running
Thanks
-
I received these messages in the daily rkhunter report.
A search of the forums & google did not find a conclusive answer.
Is this a problem, or a system occurrence that can be ignored ?
I have never seen these messages before.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
This I have not come across before.
Immediately following this entry was advice that a new user was added.
I checked and the new user was a valid entry made by a local admin user via user-manager.
That should be normal behavior, it is even mentioned in the README.txt on the 7.3 ISO (http://fisheye1.atlassian.com/browse/~raw,r=1.20/smeserver/cdrom.image/README.txt).
-
Warning: Process '/usr/sbin/httpd' (PID 24468) is listening on the network.
It would be surprising to me if /usr/sbin/httpd were not listening on the network.
I have no idea why rkhunter bothers to tell you about this.
google for rkhunter and 'false positive' and I expect you'll find lots of hits.
-
cactus
That should be normal behavior...
Yes I understand that valid system changes will be notified in the next rkhunter report.
Charlie & cactus
It seems that the report about /usr/sbin/httpd is simply a false positive of a valid process.
If Charlie doesn't know why rkhunter generated it, then it's not likely any of us will know.
As it appears to be a "one off", I'll ignore it with safety.
Thanks all.