Security

Determine rkhunter false positive on Redhat

rkhunter has given several warnings (“One or more warnings have been found while checking the system.”) lately and this has forced me to check the installations repeatedly only to determine the fact that it was a false positive. On Redhat systems and their derivatives (Fedora, CentOS…) a easy check can be performed to determine if […]

Read More
Security

Determine false positive from rkhunter

I’ve installed rkhunter, a rootkit checking script, on a Ubuntu 7.10 (Gutsy Gibbons) distro and today it mailed a message saying that 3 files had their properties changed. The files were /usr/bin/chattr, /usr/bin/lsattr and /usr/bin/perlBefore doing anything I tried to update rkhunter to see if there had been any updates to fix this message rkhunter –update […]

Read More