
Re: rkhunter finds something suspicious



at bottom :-

On 07/05/2020, shirish शिरीष <shirishag75@gmail.com> wrote:
> Dear all,
>
> Today my system was slowing much more than ever. Hence decided to run
> rkhunter. It seems to have found some issues, could somebody take a
> look and see if these are false positives or what ?
>
>
> I don't know the hash sums it quotes are current or off-date from the
> one debian provides. I did see #651119 but it will be better if
> somebody better than me can see if everything is good or off.
>
> --
>           Regards,
>           Shirish Agarwal  शिरीष अग्रवाल
>   My quotes in this email licensed under CC 3.0
> http://creativecommons.org/licenses/by-nc/3.0/
> http://flossexperiences.wordpress.com
>
> E493 D466 6D67 59F5 1FD0 930F 870E 9A5B 5869 609C
>

First of all thank you for responding so quickly. Although it would have
been better if you had also CC'ed me as well, it would have led to
better discussion.

Anyways, I don't really know much about netstat hence used ss which is
a utility to investigate sockets. Fortunately the version of iproute2
has version 5.6.0-1 which gives the option of doing something like -

# ss -p

The command marries/shows all local opened ports with a particular
service or something. For e.g. I never knew firefox opened up so many
ports for the web-content.
This I guess is because of firefox using the sandboxing as a security
feature [1]

What I need is something similar to meld [2] or something similar
which will cancel out the common ones or the ones known and leave out
the ones unknown/any interesting ones. If you or somebody knows
something which does something similar please share.

1. https://wiki.mozilla.org/Security/Sandbox
2. https://tracker.debian.org/pkg/meld

-- 
          Regards,
          Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com

E493 D466 6D67 59F5 1FD0 930F 870E 9A5B 5869 609C
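
One way to get the "cancel out the known ones" comparison asked for in the message above, as an added example that is not part of the original post or of rkhunter: normalise `ss` output and print only sockets absent from a saved baseline. The function names and the baseline path are assumptions, the sample lines are constructed, and it covers TCP/UDP only.

```sh
#!/bin/sh
# Added example: baseline diff for `ss` output (TCP/UDP sockets only).
# On a real host, run as root so the process column is populated
# (the baseline path below is a hypothetical choice):
#   ss -H -tunap | normalize_ss > /var/tmp/ss.baseline    # once, known-good state
#   ss -H -tunap | normalize_ss | new_sockets /var/tmp/ss.baseline

# Reduce each socket to "netid state port process". Ephemeral client ports
# become "*" so ordinary outbound connections do not show up as new.
normalize_ss() {
    awk '{
        n = split($5, a, ":")                    # last piece also works for [::]:22
        port = ($2 == "LISTEN" || $2 == "UNCONN") ? a[n] : "*"
        proc = "-"                               # owner not visible (not root)
        if (match($0, /users:\(\("[^"]+"/))      # first process owning the socket
            proc = substr($0, RSTART + 9, RLENGTH - 10)
        print $1, $2, port, proc
    }' | LC_ALL=C sort -u
}

# $1 = baseline file; normalised current list on stdin.
# Prints only the lines that are not in the baseline.
new_sockets() {
    awk 'FILENAME == ARGV[1] { known[$0] = 1; next } !($0 in known)' "$1" -
}

# Constructed sample data, not real output from any host.
demo() {
    base=$(mktemp)
    normalize_ss > "$base" <<'EOF'
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=612,fd=3))
tcp ESTAB 0 0 192.168.1.10:51514 93.184.216.34:443 users:(("firefox",pid=2101,fd=88))
udp UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=540,fd=6))
EOF
    normalize_ss <<'EOF' | new_sockets "$base"
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=612,fd=3))
tcp ESTAB 0 0 192.168.1.10:51990 93.184.216.34:443 users:(("firefox",pid=2101,fd=91))
udp UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=540,fd=6))
tcp LISTEN 0 5 [::]:4444 [::]:* users:(("mystery",pid=3310,fd=3))
EOF
    rm -f "$base"
}
```

Calling `demo` prints only the listener that is missing from the baseline; the firefox connection is suppressed even though its source port changed.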

