Hi everyone
Can anyone help me understand these warnings?
********** If this only false positive...
- Found file '/var/run/udev.pid'. Possible rootkit: xorddos component
Warning: The following suspicious (large) shared memory segments have been found:
Process: /usr/bin/vncviewer PID: 4373 Owner: mario Size: 2,2MB (configured size allowed: 1,0MB)
Process: /usr/bin/xfce4-terminal PID: 6189 Owner: mario Size: 16MB (configured size allowed: 1,0MB)
********* what are that?
Warning: The command '/usr/bin/egrep' has been replaced by a script: /usr/bin/egrep: POSIX shell script, ASCII text executable
Warning: The command '/usr/bin/fgrep' has been replaced by a script: /usr/bin/fgrep: POSIX shell script, ASCII text executable
Warning: The command '/usr/bin/which' has been replaced by a script: /usr/bin/which: POSIX shell script, ASCII text executable
Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable
Bottom a complete output
Code: Select all
mario@mx-19:~
$ sudo rkhunter -c --rwo
Warning: The command '/usr/bin/egrep' has been replaced by a script: /usr/bin/egrep: POSIX shell script, ASCII text executable
Warning: The command '/usr/bin/fgrep' has been replaced by a script: /usr/bin/fgrep: POSIX shell script, ASCII text executable
Warning: The command '/usr/bin/which' has been replaced by a script: /usr/bin/which: POSIX shell script, ASCII text executable
Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable
Warning: Checking for possible rootkit files and directories [ Warning ]
Found file '/var/run/udev.pid'. Possible rootkit: xorddos component
Warning: The following suspicious (large) shared memory segments have been found:
Process: /usr/bin/vncviewer PID: 4373 Owner: mario Size: 2,2MB (configured size allowed: 1,0MB)
Process: /usr/bin/xfce4-terminal PID: 6189 Owner: mario Size: 16MB (configured size allowed: 1,0MB)
Warning: Hidden directory found: /etc/.java
Thanks in advence...