hi, rkhunter shows the following results on one of my systems:
[22:15:59] Checking for TCP port 1524 [ Warning ]
[22:15:59] Warning: Network TCP port 1524 is being used by /usr/local/apache/bin/httpd. Possible rootkit: Possible FreeBSD (FBRK) Rootkit backdoor
the log also says:
FreeBSD Rootkit [ Not found ]
Additionally, I ran rkhunter a second time.... and this time it didn't show the port 1524 message
is this a false positive related to cpanel?
[22:15:59] Checking for TCP port 1524 [ Warning ]
[22:15:59] Warning: Network TCP port 1524 is being used by /usr/local/apache/bin/httpd. Possible rootkit: Possible FreeBSD (FBRK) Rootkit backdoor
the log also says:
FreeBSD Rootkit [ Not found ]
Additionally, I ran rkhunter a second time.... and this time it didn't show the port 1524 message
is this a false positive related to cpanel?
Last edited:
