Are thes files usually scripts in Ubuntu?
crp at cmc.net
Thu Jan 1 16:51:54 UTC 2009
Brian McKee wrote:
> On Wed, Dec 31, 2008 at 11:14 PM, Ray Parrish <crp at cmc.net> wrote:
>> I was reading article from some of the magazines I get in email today
>> and ran across one about Root Kit Hunter for Linus, so I decided to
>> install and run it just to see what it said. It found no root kits, but
>> did give me a warning on the following five files.
>> [13:17:33] /bin/which [ Warning ]
>> [13:17:33] Warning: The command '/bin/which' has been replaced by a
>> script: /bin/which: POSIX shell script text executable
>> [13:17:35] /usr/bin/groups [ Warning ]
>> [13:17:35] Warning: The command '/usr/bin/groups' has been replaced by a
>> script: /usr/bin/groups: POSIX shell script text executable
>> [13:17:36] /usr/bin/ldd [ Warning ]
>> [13:17:36] Warning: The command '/usr/bin/ldd' has been replaced by a
>> script: /usr/bin/ldd: Bourne-Again shell script text executable
>> [13:17:40] /usr/bin/lwp-request [ Warning ]
>> [13:17:41] Warning: The command '/usr/bin/lwp-request' has been replaced
>> by a script: /usr/bin/lwp-request: perl script text executable
>> [13:17:43] /usr/sbin/adduser [ Warning ]
>> [13:17:43] Warning: The command '/usr/sbin/adduser' has been replaced by
>> a script: /usr/sbin/adduser: perl script text executable
>> Since this Root Kit Hunter isn't specifically designed for Ubuntu but
>> claimed to be cross platform for all Linux machines I would like to know
>> if it's normal for the preceding files to be scripts in Ubuntu Hardy
>> Heron instead of binary files.
> Hi Ray
> I run rkhunter on all the desktops at work, and once you tune it up it
> is reassuring :-)
> Hopefully you installed it from the repositories, the ubuntu version
> has some nice additions that the vanilla one on the sourceforge site
> doesn't - e.g. it automatically runs the update script when you
> install things so it doesn't warn you about them etc.
> You should also have seen warnings about some hidden files and directories.
> I think the best way for you to be comfortable is to check all the
> files it warns about when you are booted from a fresh install or the
> live cd.
> If you'd prefer something less reliable, shoot me an email tomorrow
> and I'll send you my config file I use with all the relevant files
> You should also have seen
No, I couldn't find it in synaptic, so I installed the one from
Sourceforge. I tried searching on root kit, and one package that only
looked for around five versions of root kits showed up, and nothing
else. I didn't think of searching on rkhunter instead, it just came to
me while writing this.
Is there a way to make it search my mounted Windows drives? I'm more
concerned about them, as I'm getting some strange behavior on that side
of this box.
Later, Ray Parrish
http://www.rayslinks.com/ Web index of human reviewed links.
Trouble shooting and Fixing Windows
http://www.writingsoftheschizophrenic.com My poetry in web pages
More information about the ubuntu-users