rkhunter warning wget


rkhunter warning wget

by maex

hello

after updating wget on

Linux version 2.6.26-2-686 (Debian 2.6.26-19) Lenny

I received a warning from rkhunter:

Warning: The file properties have changed:
         File: /usr/bin/wget
         Current hash: 2d5d175c449eecfda43401a7a66b8a369859524d
         Stored hash : 1725543768f7e1b2a32136ca1799213a8bdb886b
         Current inode: 137892    Stored inode: 140983
         Current size: 226292    Stored size: 226260
         Current file modification time: 1255005510
         Stored file modification time : 1220829421


could this be serious?

m


--
To UNSUBSCRIBE, email to debian-security-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...


Re: rkhunter warning wget

by Steve Kemp

On Thu Oct 15, 2009 at 17:55:39 +0200, maex@... wrote:

> after updating wget on
>
> Linux version 2.6.26-2-686 (Debian 2.6.26-19) Lenny
>
> I received a warning from rkhunter:
>
> Warning: The file properties have changed:
>          File: /usr/bin/wget
>          Current hash: 2d5d175c449eecfda43401a7a66b8a369859524d
>          Stored hash : 1725543768f7e1b2a32136ca1799213a8bdb886b
>          Current inode: 137892    Stored inode: 140983
>          Current size: 226292    Stored size: 226260
>          Current file modification time: 1255005510
>          Stored file modification time : 1220829421


  You've applied a security update, which has changed
 the binary /usr/bin/wget.

  The alert is telling you that the binary has changed,
 and since this is expected (because you've applied the security update)
 the alert is informational not a real report.

Steve
--
Debian GNU/Linux System Administration
http://www.debian-administration.org/




Re: rkhunter warning wget

by Eduardo M KALINOWSKI-4

On Thu, 15 Oct 2009,  wrote:

> hello
>
> after updating wget on
>
> Linux version 2.6.26-2-686 (Debian 2.6.26-19) Lenny
>
> I received a warning from rkhunter:
>
> Warning: The file properties have changed:
>          File: /usr/bin/wget
>          Current hash: 2d5d175c449eecfda43401a7a66b8a369859524d
>          Stored hash : 1725543768f7e1b2a32136ca1799213a8bdb886b
>          Current inode: 137892    Stored inode: 140983
>          Current size: 226292    Stored size: 226260
>          Current file modification time: 1255005510
>          Stored file modification time : 1220829421
>
> could this be serious?

Depends. Did you upgrade wget? In this case it's normal (even  
expected) that the file changes.

There was a security update for wget recently.


--
QOTD:
        "I used to be an idealist, but I got mugged by reality."

Eduardo M KALINOWSKI
eduardo@...




Re: rkhunter warning wget

by Jens Schüßler-2

* maex@... <maex@...> wrote:

> hello
>
> after updating wget on
>
> Linux version 2.6.26-2-686 (Debian 2.6.26-19) Lenny
>
> I received a warning from rkhunter:
>
> Warning: The file properties have changed:
>          File: /usr/bin/wget
>          Current hash: 2d5d175c449eecfda43401a7a66b8a369859524d
>          Stored hash : 1725543768f7e1b2a32136ca1799213a8bdb886b
>          Current inode: 137892    Stored inode: 140983
>          Current size: 226292    Stored size: 226260
>          Current file modification time: 1255005510
>          Stored file modification time : 1220829421
>
>
> could this be serious?

It's normal that the hash changes after an upgrade.
Take a look at
,----[ /usr/share/doc/rkhunter/README.Debian ]-
| * HASH CHECKS
|   By default, all hashes checks are now ENABLED in the standard daily cron
|   job.
|
|   Add the 'hashes' and 'attributes' tests to the DISABLED_TESTS option in
|   /etc/rkhunter.conf if you wish to disable them.
|
|   If enabled, each time a base package is upgraded, you will have to run:
|   'rkhunter --propupd' to update the file properties database located
|   in /var/lib/rkhunter/db/rkhunter.dat.
|
|   This can be done automatically after each install/remove. Please run:
|     # dpkg-reconfigure rkhunter
|   to enable this feature.
|
`----

HTH
Jens




Re: rkhunter warning wget

by maex

hello

thanks Eduardo, Jens and Steve for the fast answers.
I was guessing that, but I wanted to make sure.

thanks!

best
maex


On Thu, Oct 15, 2009 at 05:24:11PM +0100, Steve Kemp wrote:

> On Thu Oct 15, 2009 at 17:55:39 +0200, maex@... wrote:
>
> > after updating wget on
> >
> > Linux version 2.6.26-2-686 (Debian 2.6.26-19) Lenny
> >
> > I received a warning from rkhunter:
> >
> > Warning: The file properties have changed:
> >          File: /usr/bin/wget
> >          Current hash: 2d5d175c449eecfda43401a7a66b8a369859524d
> >          Stored hash : 1725543768f7e1b2a32136ca1799213a8bdb886b
> >          Current inode: 137892    Stored inode: 140983
> >          Current size: 226292    Stored size: 226260
> >          Current file modification time: 1255005510
> >          Stored file modification time : 1220829421
>
>
>   You've applied a security update, which has changed
>  the binary /usr/bin/wget.
>
>   The alert is telling you that the binary has changed,
>  and since this is expected (because you've applied the security update)
>  the alert is informational not a real report.
>
> Steve
> --
> Debian GNU/Linux System Administration
> http://www.debian-administration.org/
>




Re: rkhunter warning wget

by Paul M. Maxim

--------------------------------------------------
From: <maex@...>
Sent: Thursday, October 15, 2009 10:53 AM
To: "Steve Kemp" <skx@...>
Cc: <debian-security@...>
Subject: Re: rkhunter warning wget

> hello
>
> thanks Eduardo, Jens and Steve for the fast answers.
> I was guessing that, but I wanted to make sure.
>
> thanks!
>
> best
> maex
>
>

You may want to update rkhunter's data file to prevent this exact alert from
showing up in the future (rkhunter --propupd).

Paul
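
A check that fits between the warning and the `rkhunter --propupd` suggested in the thread, as an added example that is not part of any message above: compare the flagged binary with the checksum its Debian package recorded. The function name `pkg_md5_matches` and the demo tree are constructed here, and the example assumes the package ships a checksum list such as /var/lib/dpkg/info/wget.md5sums.

```shell
#!/bin/sh
# Added example: confirm that a binary rkhunter flagged still matches the
# checksum recorded by its Debian package before accepting the change.

# pkg_md5_matches FILE MD5SUMS_LIST [ROOT]
#   FILE          absolute path from the warning, e.g. /usr/bin/wget
#   MD5SUMS_LIST  dpkg checksum list, e.g. /var/lib/dpkg/info/wget.md5sums
#   ROOT          directory FILE is read under (default /; a temp dir in the demo)
# Returns 0 = on-disk MD5 equals the packaged MD5, 1 = mismatch,
#         2 = file unreadable or not listed in MD5SUMS_LIST.
pkg_md5_matches() {
    file=$1
    list=$2
    root=${3:-/}
    rel=${file#/}                 # the list stores paths without the leading "/"
    target=${root%/}/$rel
    [ -r "$target" ] && [ -r "$list" ] || return 2
    # Line format is "<md5>  <relative path>"; compare the whole path field
    # so that paths containing spaces are handled.
    want=$(awk -v p="$rel" \
        '{ h = $1; sub(/^[^ ]+ +/, ""); if ($0 == p) { print h; exit } }' "$list")
    [ -n "$want" ] || return 2
    got=$(md5sum "$target" | awk '{ print $1 }')
    [ "$got" = "$want" ]
}

# Constructed demo: a throwaway tree stands in for the real root filesystem.
demo() {
    d=$(mktemp -d) || return 2
    mkdir -p "$d/usr/bin"
    printf 'packaged wget build\n' > "$d/usr/bin/wget"
    (cd "$d" && md5sum usr/bin/wget) > "$d/wget.md5sums"
    pkg_md5_matches /usr/bin/wget "$d/wget.md5sums" "$d" \
        && echo "matches package: expected after an upgrade, run rkhunter --propupd"
    printf 'modified after install\n' > "$d/usr/bin/wget"
    pkg_md5_matches /usr/bin/wget "$d/wget.md5sums" "$d" \
        || echo "differs from package: investigate before updating the database"
    rm -rf "$d"
}

demo
```

On a real host the call is `pkg_md5_matches /usr/bin/wget /var/lib/dpkg/info/wget.md5sums`. The local checksum list is only as trustworthy as the host it sits on, so a stronger check compares against the package file fetched from the archive.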

