system compromised?

[tic67]

I've just been sent the following message from my system:

IMPORTANT: Do not ignore this email.
This message is to inform you that the rpm
package fileutils did not match the expected checksum. This could mean that
your system was compromised (OwN3D). The offending files have been removed
and replaced with the OS default. To be safe you should verify that your
system has not be compromised.


Modified Files:
.......T c /etc/DIR_COLORS
.......T c /etc/profile.d/colorls.csh
.......T c /etc/profile.d/colorls.sh

Is there anything I can do to check what this means?.

Thx,

John

 

[PWSowner]

I got one this morning and yesterday morning. My server provider said it's nothing to worry about.

 

[dgbaker]

That is usually from a cpanel update like

fileutils-4.1-10.1.i386.rpm

 

[Tom Pyles]

I too am getting these e-mails...not sure why it started all of a sudden, but worried me to know end. My provider also told me nothing to worry about

 

[ecoutez]

This issue is resolved

Nick took a look at one of my RedHat 7.2 boxes exhibiting this behavior and found the problem.

Run /scripts/updatenow and it should be fixed.

- Jason

 

[Website Rob]

Seems odd that anyone other than the SysAdmin would be wanting to change the files shown in the first post. All they are is for the colours used to display your screen output when in Shell. Most curious.