The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

rkhunter: VAX-order 68K Blit (standalone) executable

Discussion in 'Security' started by bloatedstoat, Oct 19, 2015.

  1. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    78
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    This just cropped up in our rkhunter log and I've never come across this one before.

    Warning: Suspicious file types found in /dev:
    /dev/.udev/queue.bin: VAX-order 68K Blit (standalone) executable

    Makes me feel a bit uneasy.
    Anyone know if I should be uneasy!
    Thanks.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You can search for "/dev/.udev/queue.bin" on a search engine such as Google and there are a few results with discussions of this report from RKHunter.

    Thank you.
     
  3. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    78
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    Thanks Michael, I did just that before submitting the post. Actually I searched for "VAX-order 68K Blit" and that threw up a bunch of results; some relating to malware and another to backdoors on switches. The warning has now gone in the log. I was unable to find any reference to "/dev/.udev/queue.bin" with VAX-order on Google however.

    Thank you for taking the time to answer this query.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You may need to consult with a qualified system administrator or security expert if you want to have your system examined to determine if it was exploited.

    Thank you.
     
Loading...

Share This Page