After running Rootkit Hunter Scan....

Discussion in 'General' started by Jcorrea920, Apr 6, 2006.

  1. Jcorrea920

    Jcorrea920 New Member

    I have the Perfect set up with Fedora Core 4.
    Apache 2.0.54
    PHP 5.0
    MySQL 4.1.16
    ISPConfig 2.2.0

    So my question is that after I run the rkhunter I am advised to inspect two hidden folders with hidden files inside of them.
    What exactly am I looking for? How do I know if these are evil files or necessary for my system?
    Code:
    [postmaster@ccs02 ~]$ ls -la /dev/.udevdb
total 92
drwxr-xr-x   2 root root  500 Feb 16 11:14 .
drwxr-xr-x  10 root root 5000 Feb 16 11:15 ..
-rw-r--r--   1 root root   21 Feb 16 03:14 block@fd0
-rw-r--r--   1 root root  226 Feb 16 03:14 block@hda
-rw-r--r--   1 root root  469 Feb 16 03:14 block@hda@hda1
-rw-r--r--   1 root root  437 Feb 16 03:14 block@hda@hda2
-rw-r--r--   1 root root  476 Feb 16 03:14 block@hda@hda3
-rw-r--r--   1 root root   31 Feb 16 03:14 block@hdc
-rw-r--r--   1 root root   38 Feb 16 03:14 block@hdd
-rw-r--r--   1 root root   23 Feb 16 03:14 block@ram0
-rw-r--r--   1 root root   19 Feb 16 03:14 block@ram1
-rw-r--r--   1 root root   23 Feb 16 03:14 class@input@event0
-rw-r--r--   1 root root   21 Feb 16 03:14 class@input@mice
-rw-r--r--   1 root root   23 Feb 16 03:14 class@input@mouse0
-rw-r--r--   1 root root   19 Feb 16 03:14 class@mem@null
-rw-r--r--   1 root root   25 Feb 16 11:14 class@misc@device-mapper
-rw-r--r--   1 root root   19 Feb 16 11:14 class@printer@lp0
-rw-r--r--   1 root root   24 Feb 16 11:14 class@sound@controlC0
-rw-r--r--   1 root root   23 Feb 16 03:14 class@sound@midiC0D0
-rw-r--r--   1 root root   24 Feb 16 03:14 class@sound@pcmC0D0c
-rw-r--r--   1 root root   24 Feb 16 03:14 class@sound@pcmC0D0p
-rw-r--r--   1 root root   24 Feb 16 03:14 class@sound@pcmC0D1p
-rw-r--r--   1 root root   24 Feb 16 03:14 class@sound@pcmC0D2p
-rw-r--r--   1 root root   18 Feb 16 03:14 class@sound@seq
-rw-r--r--   1 root root   21 Feb 16 03:14 class@sound@timer
    Code:
    [postmaster@ccs02 ~]$ ls -la /etc/.pwd.lock
-rw-------  1 root root 0 Sep 15  2005 /etc/.pwd.lock
    Am I in big trouble or what?:confused:
     
    Jcorrea920, Apr 6, 2006
    #1
  2. falko

    falko Super Moderator Howtoforge Staff

    rkhunter is always complaining about those files/directories. Nothing to worry about. :)
     
    falko, Apr 6, 2006
    #2
  3. Jcorrea920

    Jcorrea920 New Member

    Thanks for your quick response

    Thanks for your help...:)
     
    Jcorrea920, Apr 6, 2006
    #3

Share This Page