Failed Checksum

[nagyosha]

i have a 7 days old install..
had a message yesterday as i have CSF installed

The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:
/bin/crontab: FAILED
/bin/passwd: FAILED

both are symlinks i think to
crontab - /bin/crontab: symbolic link to `../usr/local/cpanel/bin/jail_safe_crontab'
passed - /bin/passwd: symbolic link to `../usr/local/cpanel/bin/jail_safe_passwd'

my concern is that this was not flagged up until a few days after install


so installed RKhunter.. and heres what it says ..

FREE A-AST RKHunter cPanel Plugin v2.0
Please wait, this may take sometime...
Warning: Package manager verification has failed:
File: /bin/mount
The file permissions have changed
Warning: Package manager verification has failed:
File: /bin/ping
The file permissions have changed
Warning: Package manager verification has failed:
File: /bin/su
The file permissions have changed
The file group has changed
Warning: Package manager verification has failed:
File: /usr/bin/locate
The file permissions have changed
Warning: Package manager verification has failed:
File: /usr/bin/newgrp
The file permissions have changed

 

[cPanelMichael]

Hello

Those warnings look like false positives, but keep in mind that those are not applications developed by cPanel. If you are concerned about server security, it's highly recommended that you consult with a qualified system administrator or security specialist. Or, you may want to post those warnings on the support forums of those applications to see if the developers can provide more insight.

Thank you.

 

[popeye]

You get these mostly after a cpanel update i had this tonight

 

[nowhere]

Hi, same thing happened to me.
The server is one week old and rkhunter reports as well:

---------------------- Start Rootkit Hunter Scan ----------------------
Warning: Package manager verification has failed:
File: /bin/mount
The file permissions have changed
Warning: Package manager verification has failed:
File: /bin/ping
The file permissions have changed
Warning: Package manager verification has failed:
File: /bin/su
The file permissions have changed
The file group has changed
Warning: Package manager verification has failed:
File: /usr/bin/locate
The file permissions have changed
Warning: Package manager verification has failed:
File: /usr/bin/newgrp
The file permissions have changed
---------------------- Start Rootkit Hunter Scan ----------------------

I've searched around for solution, I've tried to remove and install again rkhunter and I've updated rkhunter --propupd but the problem is still there.

Of course I could tell rkhunter to ignore them but it's not so safe.
Has anyone the same problem?

Thanks

 

[cPanelMichael]

You may find this thread helpful:

Some files failed MD5

Thank you.