OS X Rootkit Hunter warnings.

JakeNZ

macrumors member
Original poster
Nov 26, 2011
31
0
New Zealand
I got the following warning when running rootkit hunter. A bit of goole searching led me to believe it was probably nothing but thought I would check on here.


Checking if SSH protocol v1 is allowed [ Warning ]
The SSH configuration option 'Protocol' has not been set.


Checking if syslog remote logging is allowed [ Warning ]
Syslog configuration file allows remote logging: install.* @127.0.0.1:32376


Performing filesystem checks
Checking /dev for suspicious file types [ Warning ]
Suspicious file types found in /dev:
/dev/fd/6: MS Windows icon resource
/dev/fd/7: MS Windows icon resource
Checking for hidden files and directories [ Warning ]
Hidden file found: /usr/share/man/man5/.rhosts.5: troff or preprocessor input text

Thanks.
 

MisterMe

macrumors G4
Jul 17, 2002
10,678
48
USA
Oh, for Heaven's Sakes. Why do you run a utility that is designed to unearth threats that are not even the subject of rumors? The most serious problem found is that you have two MS Windows icon resources. These pose absolutely no threat to you and can do absolutely nothing either good or bad on your computer.

My advice to you is is to ditch Rootkit Hunter. As far as I can tell, this little project appears to be more devoted to showing that it can run on Unix and Unix-like systems that it is to protecting these systems from real threats. Believe me--if ever there is a rootkit issue on the Mac, you will hear about it long before you are infected by it. Absent a real threat, running crap like Rootkit Hunter is like being frightened by ghost stories that you wrote.
 

iVoid

macrumors 65816
Jan 9, 2007
1,122
146
FYI, this line:
install.* @127.0.0.1:32376


127.0.0.1 is your local host. It just points to your computer itself, not a remote host of any kind. That shouldn't be an issue.

Don't know about the other items, but they don't strike me as being a problem.
 

0dev

macrumors 68040
Dec 22, 2009
3,947
23
127.0.0.1
127.0.0.1 is you, /usr/share/man/man5/.rhosts.5 is harmless (Google it), and Windows icon resources won't exactly harm you either.

I'm the paranoid type too, which is why I stay away from this kind of stuff whenever I possibly can, honestly, it just gets me worried for no reason :p
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.