Dear Debian people,
I'm getting rkhunter mails every day and have noticed the following contents:
Warning: The file properties have changed:
File: /usr/bin/dpkg
Current hash: 77e5b6a35981d5d16310a1925d9566cd41d1b0fa
Stored hash : 84f64e4ee0a279ae5bd20462da339e7998c1c5a2
Current inode: 190559 Stored inode: 161
Current file modification time: 1268081693
Stored file modification time : 1263332111
Warning: The file properties have changed:
File: /usr/bin/dpkg-query
Current hash: 9ca28d57c1e29d3274fbb6ef0da064627c9190b1
Stored hash : e9f2df60680f8554bf660aad2d4171434ad42c0e
Current inode: 190555 Stored inode: 163
Current file modification time: 1268081693
Stored file modification time : 1263332111
Warning: The file properties have changed:
File: /usr/bin/sudo
Current hash: b50414ec4fbc62fa24435a60fe35d58fc80cf1bc
Stored hash : dcdb650d0a16dec64f2336454f84372b7827092e
Current inode: 178665 Stored inode: 1389509
Current size: 127240 Stored size: 127208
Current file modification time: 1267546475
Stored file modification time : 1233083286
Warning: Application 'exim', version '4.69', is out of date, and possibly a
security risk.
Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a
security risk.
Warning: Application 'openssl', version '0.9.8g', is out of date, and possibly
a security risk.
Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a
security risk.
Should I worry? What are these messages I'm seeing? Especially the ones that
are reporting that the utilities sudo, dpkg-query and dpkg have changed. How do
I know these are legitimate?
I'm running debain 5.0 on a amd64 system.
BrgdsDino
