Re: rkhunter errors
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 5-12-2009 14:45, Paul Cartwright wrote:
> I just got this error message back from my rkhunter cron job:
> Warning: Application 'exim', version '4.69', is out of date, and possibly a
> security risk.
> Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a
> security risk.
> Warning: Application 'named', version '9.5.1', is out of date, and possibly a
> security risk.
> Warning: Application 'openssl', version '0.9.8g', is out of date, and possibly
> a security risk.
> Warning: Application 'php', version '5.2.9', is out of date, and possibly a
> security risk.
> Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a
> security risk.
>
>
> yet, exim is not installed, and ssh is:
> ii ssh 1:5.1p1-5
> secure shell client and server (metapackage)
>
> which seems to me to be the latest package available to me in Lenny..
> this is a brand new error message, never seen it before.
I get the same type of errors in Lenny:
Warning: Found enabled inetd service: ident
Warning: Network TCP port 6667 is being used by
/usr/lib/j2sdk1.6-sun/bin/java. Possible rootkit: Possible rogue IRC bot
Use the 'lsof -i' or 'netstat -an' command to check this.
Warning: Application 'gpg', version '1.4.9', is out of date, and
possibly a security risk.
Warning: Application 'openssl', version '0.9.8g', is out of date, and
possibly a security risk.
Warning: Application 'php', version '5.2.6', is out of date, and
possibly a security risk.
Warning: Application 'sshd', version '5.1p1', is out of date, and
possibly a security risk.
The Java IRC service on 6667 is valid, I run a service there.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAksdaEwACgkQkPq5zKsAFij5pACfY5pGL1aB3/dw9NNT51TVmssj
XYkAnRdF0EbPXI6TK4fXBbArQkYbGMBd
=Ht6+
-----END PGP SIGNATURE-----
Reply to: