Archive for July, 2012

I keep getting those mails from rkhunter recentrly

One or more warnings have been found while checking the system.

Warning: Hidden directory found: /dev/.udev
Warning: Hidden directory found: /dev/.initramfs

i had to reconfigure rkhunter to stop report false positive warnings

vim /etc/rkhunter.conf

and remove the # in fron of the following lines:

ALLOWHIDDENDIR=/dev/.udev
ALLOWHIDDENDIR=/dev/.initramfs

UPDATED
When i updated to rkhunter 1.4.0 i got more warnings in my debian 6 system
I just added this to rkhunter.conf to get rid off them

ALLOWHIDDENDIR=/dev/.udev
ALLOWHIDDENDIR=/dev/.initramfs

ALLOWDEVFILE="/dev/.udev/queue.bin"
ALLOWDEVFILE="/dev/.udev/rules.d/61-dev-root-link.rules"
ALLOWDEVFILE="/dev/.udev/db/block:*"
ALLOWDEVFILE="/dev/.udev/db/input:*"
ALLOWDEVFILE="/dev/.udev/db/sound:*"
ALLOWDEVFILE="/dev/.udev/db/usb:*"
ALLOWDEVFILE="/dev/.udev/db/net:*"
ALLOWDEVFILE="/dev/.udev/db/serio:*"
Advertisements