Re: [Rkhunter-users] How can I know if warnings are real problems or not?
Brought to you by:
dogsbody
Menu
▾
▴
Re: [Rkhunter-users] How can I know if warnings are real problems or not?
|
From: Ping L. <luo...@gm...> - 2017-07-13 17:12:57
|
My OS is openSUSE Leap 42.2. The partition was automatically generated when I install the OS and fdisk -l output is fdisk -l Disk /dev/sdb: 465.8 GiB, 500107862016 bytes, 976773168 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: gpt Disk identifier: 5A90E078-088D-4DC1-8E2A-2A62B12AFFA2 Device Start End Sectors Size Type /dev/sdb1 2048 321535 319488 156M EFI System /dev/sdb2 419424256 943706111 524281856 250G Microsoft basic data /dev/sdb3 943706112 976773119 33067008 15.8G Microsoft basic data /dev/sdb4 321536 84211711 83890176 40G Microsoft basic data /dev/sdb5 84211712 419424255 335212544 159.9G Microsoft basic data I am surprised to see the type is 'Microsoft basic data'. On Thu, Jul 13, 2017 at 10:25 AM, Nerijus Baliunas via Rkhunter-users < rkh...@li...> wrote: > On Thu, 13 Jul 2017 18:13:24 +0300 Nerijus Baliunas via Rkhunter-users < > rkh...@li...> wrote: > > > > I often got these warning messages from rkhunter cronjob, even when no > > > software updates happens ( I update my software manually). My > questions are > > > (1). how could this happen when there is no software update? > > > > Should not happen, unless something else changes files, like prelink. > > Are you sure you run rkhunter --propupd after software update? > > Warning: The file properties have changed: > File: /bin/systemd > Current inode: 410792 Stored inode: 268464 > > But thinking more, file checksum is not changed, only inode. > If you don't move files manually, maybe the filesystem does it? > What system is it (OS, hardware, cloud?) and what file system? > > Regards, > Nerijus > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Rkhunter-users mailing list > Rkh...@li... > https://lists.sourceforge.net/lists/listinfo/rkhunter-users > |