spookie79
Member
Hallo,
jede Nacht erhalte ich eine Email von rkhunter. Ich dachte das kommt nur bei schwerwiegenenden Problemen oder wenn etwas schlimmes gefunden wurde. So muss man jeden Tag reinschauen in die Mail.
Vielleicht könnt Ihr mich aufklären, was bei den folgenden Meldungen meinerseits zu tun wäre.
Ist ein Strato VServer mit Ubuntu14 LTS.
--------------
[01:00:44] Checking '/etc/xinetd.d/ftp_psa' for enabled services [ Warning ]
[01:00:44] Checking '/etc/xinetd.d/poppassd_psa' for enabled services [ Warning ]
[01:00:45] Checking for enabled xinetd services [ Warning ]
[01:00:45] Warning: Found enabled xinetd service: /etc/xinetd.d/ftp_psa
[01:00:45] Warning: Found enabled xinetd service: /etc/xinetd.d/poppassd_psa
--------------
[01:00:45] Performing Linux specific checks
[01:00:45] Info: Starting test name 'os_specific'
[01:00:45] Checking loaded kernel modules [ Warning ]
[01:00:45] Warning: No output found from the lsmod command or the /proc/modules file:
[01:00:45] /proc/modules output:
[01:00:45] lsmod output:
[01:00:45] Info: Using modules pathname of '/lib/modules/3.13.0-042stab111.12'
[01:00:45] Checking kernel module names [ OK ]
--------------
[01:00:47] Info: Found SSH configuration file: /etc/ssh/sshd_config
[01:00:47] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'unset'.
[01:00:47] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'.
[01:00:47] Checking if SSH root access is allowed [ Warning ]
[01:00:47] Warning: The SSH and rkhunter configuration options should be the same:
[01:00:47] SSH configuration option 'PermitRootLogin': yes
[01:00:47] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': unset
[01:00:47] Checking if SSH protocol v1 is allowed [ Not allowed ]
--------------
[01:00:47] Info: SCAN_MODE_DEV set to 'THOROUGH'
[01:00:47] Checking /dev for suspicious file types [ None found ]
[01:00:48] Checking for hidden files and directories [ Warning ]
[01:00:48] Warning: Hidden file found: /dev/.udev: directory
----> hier liegt eine root.rules Datei
--------------
Vorab vielen Dank
jede Nacht erhalte ich eine Email von rkhunter. Ich dachte das kommt nur bei schwerwiegenenden Problemen oder wenn etwas schlimmes gefunden wurde. So muss man jeden Tag reinschauen in die Mail.
Vielleicht könnt Ihr mich aufklären, was bei den folgenden Meldungen meinerseits zu tun wäre.
Ist ein Strato VServer mit Ubuntu14 LTS.
--------------
[01:00:44] Checking '/etc/xinetd.d/ftp_psa' for enabled services [ Warning ]
[01:00:44] Checking '/etc/xinetd.d/poppassd_psa' for enabled services [ Warning ]
[01:00:45] Checking for enabled xinetd services [ Warning ]
[01:00:45] Warning: Found enabled xinetd service: /etc/xinetd.d/ftp_psa
[01:00:45] Warning: Found enabled xinetd service: /etc/xinetd.d/poppassd_psa
--------------
[01:00:45] Performing Linux specific checks
[01:00:45] Info: Starting test name 'os_specific'
[01:00:45] Checking loaded kernel modules [ Warning ]
[01:00:45] Warning: No output found from the lsmod command or the /proc/modules file:
[01:00:45] /proc/modules output:
[01:00:45] lsmod output:
[01:00:45] Info: Using modules pathname of '/lib/modules/3.13.0-042stab111.12'
[01:00:45] Checking kernel module names [ OK ]
--------------
[01:00:47] Info: Found SSH configuration file: /etc/ssh/sshd_config
[01:00:47] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'unset'.
[01:00:47] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'.
[01:00:47] Checking if SSH root access is allowed [ Warning ]
[01:00:47] Warning: The SSH and rkhunter configuration options should be the same:
[01:00:47] SSH configuration option 'PermitRootLogin': yes
[01:00:47] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': unset
[01:00:47] Checking if SSH protocol v1 is allowed [ Not allowed ]
--------------
[01:00:47] Info: SCAN_MODE_DEV set to 'THOROUGH'
[01:00:47] Checking /dev for suspicious file types [ None found ]
[01:00:48] Checking for hidden files and directories [ Warning ]
[01:00:48] Warning: Hidden file found: /dev/.udev: directory
----> hier liegt eine root.rules Datei
--------------
Vorab vielen Dank