$ grep Warning rkhunter.log
[06:47:36] Warning: Checking for prerequisites [ Warning ]
[06:47:36] Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
[06:47:39] /bin/which [ Warning ]
[06:47:39] Warning: The command '/bin/which' has been replaced by a script: /bin/which: POSIX shell script text executable
[06:47:40] /usr/bin/groups [ Warning ]
[06:47:40] Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: POSIX shell script text executable
[06:47:40] /usr/bin/ldd [ Warning ]
[06:47:40] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable
[06:47:43] /usr/bin/lwp-request [ Warning ]
[06:47:43] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: a /usr/bin/perl -w script text executable
[06:47:45] /usr/sbin/adduser [ Warning ]
[06:47:45] Warning: The command '/usr/sbin/adduser' has been replaced by a script: /usr/sbin/adduser: a /usr/bin/perl script text executable
[06:49:35] Checking for string 'hdparm' [ Warning ]
[06:49:36] Warning: Checking for possible rootkit strings [ Warning ]
[06:49:37] Checking for enabled inetd services [ Warning ]
[06:49:38] Warning: Found enabled inetd service: talk
[06:49:38] Warning: Found enabled inetd service: ntalk
[06:49:38] Checking loaded kernel modules [ Warning ]
[06:49:38] Warning: No output found from the lsmod command or the /proc/modules file:
[06:51:07] Checking if SSH root access is allowed [ Warning ]
[06:51:07] Warning: The SSH and rkhunter configuration options should be the same:
[06:51:25] Checking version of GnuPG [ Warning ]
[06:51:25] Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a security risk.
[06:51:25] Checking version of OpenSSL [ Warning ]
[06:51:25] Warning: Application 'openssl', version '0.9.8g', is out of date, and possibly a security risk.
[06:51:25] Checking version of PHP [ Warning ]
[06:51:25] Warning: Application 'php', version '5.2.6', is out of date, and possibly a security risk.
[06:51:25] Checking version of OpenSSH [ Warning ]
[06:51:25] Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a security risk.
aside from the PermitRootLogin = yes, does this mean that the vps was compromised?
--
Regards,
Umarzuki Mochlis
http://debmal.my