rkhunter warning about /etc/.java /etc/.udev /etc/.initramfs


Basically ask Google, but those 3 are not dangerous!

/etc/.java is created by sun-java (and possibly also by OpenJDK).

/dev/.udev is created by the udevd daemon.

/dev/.initramfs is, if I remember correctly, where the initial ram filesystem is mounted during the system boot process.

Author by

yop83

Updated on September 17, 2022

Comments

  • yop83
    yop83 over 1 year

    I am running Ubuntu 10.04.1 LTS. I am running rkhunter to check for rootkits.

    rkhunter is complaining about the following hidden files and directories. I think these files are not a real problem on my system, but how can I check to see if these files are legitimate files?

    [07:57:45]   Checking for hidden files and directories       [ Warning ]
    [07:57:45] Warning: Hidden directory found: /etc/.java
    [07:57:45] Warning: Hidden directory found: /dev/.udev
    [07:57:45] Warning: Hidden directory found: /dev/.initramfs
    

    Update

    Turns out that these directories are specifically mentioned in /etc/rkhunter.conf, which suggests that this is a frequently asked rkhunter question. From rkhunter.conf:

    #
    # Allow the specified hidden directories.
    # One directory per line (use multiple ALLOWHIDDENDIR lines).
    #
    #ALLOWHIDDENDIR=/etc/.java
    #ALLOWHIDDENDIR=/dev/.udev
    #ALLOWHIDDENDIR=/dev/.udevdb
    #ALLOWHIDDENDIR=/dev/.udev.tdb
    #ALLOWHIDDENDIR=/dev/.static
    #ALLOWHIDDENDIR=/dev/.initramfs
    #ALLOWHIDDENDIR=/dev/.SRC-unix
    #ALLOWHIDDENDIR=/dev/.mdadm
    
  • Richard Holloway
    Richard Holloway almost 14 years
    +1 You get similar false positives in chkrootkit too. It is because rkhunter is set up to treat hidden directories as suspicious.
  • João Pimentel Ferreira
    João Pimentel Ferreira over 2 years
    Uncomment or add the line ALLOWHIDDENDIR=/etc/.java in /etc/rkhunter.conf.
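
The check discussed in this thread, as an added example that is not part of the original posts: a shell function that pulls every "Hidden directory found" warning out of an rkhunter log and sorts it by whether rkhunter.conf already allows it, only lists it as a commented-out example, or does not mention it at all. The function name, the demo paths and the /dev/.example-unlisted entry are constructed for illustration; it assumes one directory per ALLOWHIDDENDIR line, as the config comment quoted above states.

```shell
#!/bin/sh
# Added example: triage rkhunter hidden-directory warnings against rkhunter.conf.

# triage_hidden_dirs LOG CONF
# Prints "<status> <path>" for each hidden-directory warning found in LOG:
#   allowed    - an active ALLOWHIDDENDIR line for the path exists in CONF
#   documented - CONF only carries the commented-out example line
#   unknown    - CONF never mentions the path; look at it before allowing it
triage_hidden_dirs() {
    log=$1 conf=$2
    # Normalise the config: trim whitespace, collapse "#  KEY" to "#KEY".
    conf_lines=$(sed 's/^[[:space:]]*//; s/[[:space:]]*$//; s/^#[[:space:]]*/#/' "$conf")
    # Keep only the path from each warning line, de-duplicated.
    sed -n 's/[[:space:]]*$//; s/^.*Warning: Hidden directory found: *//p' "$log" |
    sort -u |
    while IFS= read -r dir; do
        if printf '%s\n' "$conf_lines" | grep -qxF -e "ALLOWHIDDENDIR=$dir"; then
            echo "allowed $dir"
        elif printf '%s\n' "$conf_lines" | grep -qxF -e "#ALLOWHIDDENDIR=$dir"; then
            echo "documented $dir"
        else
            echo "unknown $dir"
        fi
    done
}

# Demo on constructed input so the script runs without rkhunter installed.
demo() {
    tmp=$(mktemp -d) || return 1
    # Constructed log: two lines in the format quoted in the question,
    # plus one made-up path to show the "unknown" case.
    cat >"$tmp/rkhunter.log" <<'EOF'
[07:57:45] Warning: Hidden directory found: /etc/.java
[07:57:45] Warning: Hidden directory found: /dev/.udev
[07:57:45] Warning: Hidden directory found: /dev/.example-unlisted
EOF
    # Constructed config: one entry uncommented, one left commented out.
    cat >"$tmp/rkhunter.conf" <<'EOF'
ALLOWHIDDENDIR=/etc/.java
# ALLOWHIDDENDIR=/dev/.udev
EOF
    triage_hidden_dirs "$tmp/rkhunter.log" "$tmp/rkhunter.conf"
    rm -rf "$tmp"
}

demo
```

A "documented" result only means the path appears among the commented-out ALLOWHIDDENDIR lines in the config; an "unknown" path is the one to inspect before adding an ALLOWHIDDENDIR line for it.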