Re: Suspicious file found in /dev/shm with Rkhunter
On Fri, 20 Feb 2015 11:47:02 +0100
Marko Randjelovic <markoran@eunet.rs> wrote:
> On Fri, 20 Feb 2015 09:44:27 +0100
> Petter Adsen <petter@synth.no> wrote:
>
> > On Fri, 20 Feb 2015 08:18:37 +0100
> > Marko Randjelovic <markoran@eunet.rs> wrote:
> >
> > > While trying to find out how to eliminate messages:
> > >
> > > Warning: Hidden directory found: /etc/.java
> > > Warning: Hidden directory found: /dev/.udev
> > > Warning: Hidden directory found: /dev/.initramfs
> > >
> > > which are made by rkhunter every morning as cron job, one more message
> > > appeared (when ran /etc/cron.daily/rkhunter manualy).
> > >
> > > Warning: Suspicious file types found in /dev:
> > > /dev/shm/suspscan.21242.strings: ASCII text
> > >
> > > You can find the file attached. Besides editing /etc/rkhunter.conf,
> > > man rkhunter, run rkhunter from command line and
> > > run /etc/cron.daily/rkhunter, I was reading https://lists.debian.org
> > > and debian mailing lists messages from my email client. I visited
> > > http://www.turkoglu.me/ which was listed in one of emails with links2
> > > web browser.
> >
> > Look at:
> >
> > http://sourceforge.net/p/rkhunter/mailman/rkhunter-users/thread/1193180950.2751.143.camel@ash.trees99.org.uk/
> >
> > It is a file created by rkhunter.
> >
> > Petter
> >
>
> I upgraded rkhunter to 1.3.8-10~bpo60+1 and am trying to see
> if the problem disappeared.
>
> Regards
>
Unfortunately, even with Wheezy version, the problem persists.
--
http://markorandjelovic.hopto.org
One should not be afraid of humans.
Well, I am not afraid of humans, but of what is inhuman in them.
Ivo Andric, "Signs near the travel-road"
Reply to: