RkHunter Warnings

[magicalwonders]

I have a relatively new VPS, which for a couple of weeks wasn't sending out system messages. Now that issue has been fixed it feels like the VPS is my new best friend, emailing me at every opportunity!

I've been working my way through the warnings produced by RkHunter over the last week and have managed to reduce the number from dozens to 8. However, I'm a bit stumped on the following warnings -

Warning: Hidden file found: /etc/.zabbix_agent.conf.swp: Vim swap file, version 7.2
Warning: Hidden file found: /usr/share/man/man5/.k5login.5.gz: gzip compressed data, from Unix, max compression
Warning: Hidden file found: /usr/share/man/man5/.k5identity.5.gz: gzip compressed data, from Unix, max compression
Warning: Hidden file found: /usr/share/man/man1/..1.gz: gzip compressed data, from Unix, max compression

From what I can find out from searching, they all appear to be false positives, but no advice found on how to stop them appearing on the report.

Also, this one is proving to be a bit tricky -

Warning: Suspicious file types found in /dev:
/dev/.udev/queue.bin: data

I found a reference to that warning here - https://atomicorp.com/forums/viewtopic.php?f=3&t=6025
It seems to suggest that this was an issue with rkHunter and provides a work-around. But that was two years ago.

I'm hoping someone can advise on how to stop the above messages being reported each day ?

Many thanks,

Myles

 

[cPanelMichael]

Hello

I've moved this thread to our "Security" forum. You should receive more user-feedback here. Please keep in mind that RKHunter is not developed by cPanel.

Thank you.