OS X Rootkit Hunter warnings.

Discussion in 'Mac OS X Lion (10.7)' started by JakeNZ, Jan 25, 2012.

  1. JakeNZ macrumors member

    Joined:
    Nov 26, 2011
    Location:
    New Zealand
    #1
    I got the following warning when running rootkit hunter. A bit of goole searching led me to believe it was probably nothing but thought I would check on here.


    Checking if SSH protocol v1 is allowed [ Warning ]
    The SSH configuration option 'Protocol' has not been set.


    Checking if syslog remote logging is allowed [ Warning ]
    Syslog configuration file allows remote logging: install.* @127.0.0.1:32376


    Performing filesystem checks
    Checking /dev for suspicious file types [ Warning ]
    Suspicious file types found in /dev:
    /dev/fd/6: MS Windows icon resource
    /dev/fd/7: MS Windows icon resource
    Checking for hidden files and directories [ Warning ]
    Hidden file found: /usr/share/man/man5/.rhosts.5: troff or preprocessor input text

    Thanks.
     
  2. MisterMe macrumors G4

    MisterMe

    Joined:
    Jul 17, 2002
    Location:
    USA
    #2
    Oh, for Heaven's Sakes. Why do you run a utility that is designed to unearth threats that are not even the subject of rumors? The most serious problem found is that you have two MS Windows icon resources. These pose absolutely no threat to you and can do absolutely nothing either good or bad on your computer.

    My advice to you is is to ditch Rootkit Hunter. As far as I can tell, this little project appears to be more devoted to showing that it can run on Unix and Unix-like systems that it is to protecting these systems from real threats. Believe me--if ever there is a rootkit issue on the Mac, you will hear about it long before you are infected by it. Absent a real threat, running crap like Rootkit Hunter is like being frightened by ghost stories that you wrote.
     
  3. iVoid macrumors 65816

    Joined:
    Jan 9, 2007
    #3
    FYI, this line:
    install.* @127.0.0.1:32376


    127.0.0.1 is your local host. It just points to your computer itself, not a remote host of any kind. That shouldn't be an issue.

    Don't know about the other items, but they don't strike me as being a problem.
     
  4. 0dev macrumors 68040

    0dev

    Joined:
    Dec 22, 2009
    Location:
    127.0.0.1
    #4
    127.0.0.1 is you, /usr/share/man/man5/.rhosts.5 is harmless (Google it), and Windows icon resources won't exactly harm you either.

    I'm the paranoid type too, which is why I stay away from this kind of stuff whenever I possibly can, honestly, it just gets me worried for no reason :p
     

Share This Page