Fedora Linux Support Community & Resources Center

Go Back   FedoraForum.org > Fedora 19/20 > Security and Privacy
FedoraForum Search

Forgot Password? Join Us!

Security and Privacy Sadly, malware, spyware, hackers and privacy threats abound in today's world. Let's be paranoid and secure our penguins, and slam the doors on privacy exploits.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 28th September 2007, 03:13 AM
s0ulburn26 Offline
Registered User
 
Join Date: Jan 2007
Location: Texas
Age: 34
Posts: 12
rkhunter messages

I scanned my system several times and turned on scan and selected the options '--check-listen' and '--createlogfile' there was one thing that caught my eye. below I have pasted the /var/log/rkhunter.log output maybe someone can scan through this and enlighten me as to what some of the messages are. Sorry for the length.

The one that really worried me was this

Quote:

[20:36:57] ------------------------------- Backdoors -----------------------------
[20:36:58] Checking network interfaces (promiscuous mode)... [ OK ]
[20:36:58] Performed successful test with `ip`
[20:36:58] Checking for packet capturing applications... Warning
[20:36:58] Warning! Process /sbin/dhclient (3973) listening

Here was another entry in the log file that caught my attention.

Quote:
Hidden file/dir /etc/.pwd.lock [empty] seems to be OK


After scanning this I did a check of all process id's on my machine and this one wasn't attached to a user it just had a ?' so I did a search on google and didnt find anything to elaborate on what process id 3973 is or what program or application is associated with it. Any help would be appriciated.
__________________
Quote:
The release of atomic energy has not created a new problem. It has merely made more urgent the necessity of solving an existing one. -- Albert Einstein
Reply With Quote
  #2  
Old 28th September 2007, 10:56 AM
markkuk Offline
Registered User
 
Join Date: Apr 2005
Location: Finland
Posts: 5,075
dhclient is the DHCP client program, it's needed if your network information gets defined automatically.
Process IDs are assigned in the order processes are started, they arent associated with specific applications (except id 1 for the init process).
Reply With Quote
  #3  
Old 28th September 2007, 05:27 PM
s0ulburn26 Offline
Registered User
 
Join Date: Jan 2007
Location: Texas
Age: 34
Posts: 12
I did some more digging and found out what you had just stated. I am just curious as to why RKHUNTER thinks that this is a bad thing? it threw warnings when I did the scan.
__________________
Quote:
The release of atomic energy has not created a new problem. It has merely made more urgent the necessity of solving an existing one. -- Albert Einstein
Reply With Quote
Reply

Tags
messages, rkhunter

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Yum update rkhunter 'Could not find update match for rkhunter' open4biz Security and Privacy 7 11th October 2007 02:42 AM


Current GMT-time: 20:07 (Wednesday, 23-07-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat