Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

RKHunter report question

Discussion in 'Security' started by LukeDouglas, Apr 12, 2019.

  1. LukeDouglas

    LukeDouglas Active Member

    Nov 22, 2010
    Likes Received:
    Trophy Points:
    So I have been getting 5-6 emails daily from my server and been researching to do updates. However, RKHUNTER seems a bit over my head. I ran a check and have posted the results below. It looks like it is in pretty good shape but there were 5 suspect files and 1 suspect application. I believe the issue with the OpenSSL application warning is an outdated version is still on the server but I don't think it is being used by any website. As far as the files, I'm not sure why these are questionable.

    I've attached a TXT file with the results. If anyone can give me some guidance on how to resolve these issues, if they are not 'false' positives, I would appreciate your feedback.

    Attached Files:

  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello @LukeDouglas,

    Here's a quote from our Why Can't I Clean A Hacked Machine document that offers some background information on rootkit hunters:

    It looks like the TXT file you attached shows the checks that resulted in a warning, but it doesn't offer specific details about the reason why those warnings appear or how the checks are performed. Is there any additional output about these warnings in the /var/log/rkhunter.log file?

    You may also find the discussion on the following threads useful, especially for the "file properties have changed" warnings:

    FAILED the md5sum comparison test - how to know when updates occur?
    rkhunter warning package manager verification has failed

    Thank you.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice