Package: rkhunter
Version: 1.3.0-1
Severity: normal
I'm getting false positives that I can't seem to disable except by
disabling the rather course grained "SCAN_MODE_DEV=THOROUGH" tests.
Warning: Suspicious files found in /dev:
/dev/shm/pulse-shm-1633006343: data
/dev/shm/network/ifstate: ASCII text
/dev/shm/resolvconf/resolv.conf: ASCII text
/dev/shm/resolvconf/interface/eth0: ASCII text
/dev/shm/resolvconf/interface/lo.pdnsd: ASCII text
Also, there is no documentation as to what a "suspicious file" in /dev
entails.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.22 (SMP w/2 CPU cores)
Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages rkhunter depends on:
ii debconf [debconf-2.0] 1.5.14 Debian configuration management sy
ii exim4 4.67-8 meta-package to ease Exim MTA (v4)
ii exim4-daemon-light [mail-tran 4.67-8 lightweight Exim MTA (v4) daemon
ii file 4.21-3 Determines file type using "magic"
ii net-tools 1.60-17 The NET-3 networking toolkit
ii perl 5.8.8-11 Larry Wall's Practical Extraction
Versions of packages rkhunter recommends:
ii binutils 2.18-1 The GNU assembler, linker and bina
ii iproute 20070313-1 Professional tools to control the
pn libmd5-perl <none> (no description available)
ii wget 1.10.2-3 retrieves files from the web
-- debconf information:
* rkhunter/cron_daily_run: true
* rkhunter/cron_db_update: true
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
