I am running a Debian Wheezy server and cannot seem to clear up two rkhunter hits:
rkhunter -c --enable all --disable none --rwo
Warning: No output found from the lsmod command or the /proc/modules file: /proc/modules output: lsmod output: Warning: Process '/sbin/dhclient' (PID 4505) is listening on the network. I have add 'os_specific' to the DISABLE_TESTS section of /etc/rkhunter.conf
ENABLE_TESTS="all" DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps os_specific" But that hasn't helped with the /proc/modules and lsmod output errors.
I am also at a loss on how to deal with the /sbin/dhclient' warning.
dpkg -S dhclient yields:
dpkg -S dhclient bash-completion: /usr/share/bash-completion/completions/dhclient isc-dhcp-client: /sbin/dhclient-script isc-dhcp-client: /usr/share/man/man8/dhclient-script.8.gz isc-dhcp-client: /etc/dhcp/dhclient-enter-hooks.d/debug isc-dhcp-client: /usr/share/man/man5/dhclient.leases.5.gz isc-dhcp-common: /usr/share/man/ja/man8/dhclient-script.8.gz isc-dhcp-common: /usr/share/man/ja/man5/dhclient.leases.5.gz isc-dhcp-client: /usr/share/man/man5/dhclient.conf.5.gz isc-dhcp-client: /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes isc-dhcp-client: /usr/share/man/man8/dhclient.8.gz isc-dhcp-common: /usr/share/man/ja/man8/dhclient.8.gz isc-dhcp-client: /etc/dhcp/dhclient-exit-hooks.d/debug isc-dhcp-client: /etc/dhcp/dhclient-enter-hooks.d ntp, isc-dhcp-client: /etc/dhcp/dhclient-exit-hooks.d ntp: /etc/dhcp/dhclient-exit-hooks.d/ntp isc-dhcp-client: /etc/dhcp/dhclient.conf isc-dhcp-common: /usr/share/man/ja/man5/dhclient.conf.5.gz isc-dhcp-client: /sbin/dhclient Any ideas?
[link][2 comments]