System Security

Bob Cortez rjcortez at gmail.com
Thu May 8 22:23:34 UTC 2008 

While using Firefox lately, I've been getting these random sites attempting
load - not pop ups - sometimes I'll get a system message saying it's not a
valid destination, other times it just  goes to the URL..  I've installed
firestarter, and have ran chkrootkit and rkhunter.  Everything came back
looking fine except for the warnings below from the rkhunter log.  I'd like
to know what I should do about these, (if anything) and how to do it.

[13:50:03] Performing system configuration file checks
[13:50:03] Info: Starting test name 'system_configs'
[13:50:03]   Checking for SSH configuration file             [ Found ]
[13:50:03] Info: Found SSH configuration file: /etc/ssh/sshd_config
[13:50:03] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
[13:50:03]   Checking if SSH root access is allowed          [ Warning ]
[13:50:03] Warning: The SSH and rkhunter configuration options should be the
same:
[13:50:03]          SSH configuration option 'PermitRootLogin': yes
[13:50:03]          Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no
[13:50:03]   Checking if SSH protocol v1 is allowed          [ Not allowed ]
[13:50:03]   Checking for running syslog daemon              [ Found ]
[13:50:03]   Checking for syslog configuration file          [ Found ]
[13:50:03] Info: Found syslog configuration file: /etc/syslog.conf
[13:50:03]   Checking if syslog remote logging is allowed    [ Not allowed ]
[13:50:03]
[13:50:03] Performing filesystem checks
[13:50:03] Info: Starting test name 'filesystem'
[13:50:03] Info: SCAN_MODE_DEV set to 'THOROUGH'
[13:50:19]   Checking /dev for suspicious file types         [ Warning ]
[13:50:20] Warning: Suspicious files found in /dev:
[13:50:20]          /dev/shm/pulse-shm-3847722622: data
[13:50:20]   Checking for hidden files and directories       [ Warning ]
[13:50:20] Warning: Hidden directory found: /etc/.java
[13:50:20] Warning: Hidden directory found: /dev/.static
[13:50:20] Warning: Hidden directory found: /dev/.udev
[13:50:20] Warning: Hidden directory found: /dev/.initramfs

As always, thanks for the help.

Bpb
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20080508/645b70a7/attachment.html>

More information about the ubuntu-users mailing list