8

I was reading some texts about rootkits and the tools used to remove them.

I have Ubuntu 12.04.1 and rkhunter reported various warnings. I'm wondering what those are. BTW, I install only original software, no suspicious programs except avast4workstation, which the Software Center reports as a bad file (because it doesn't say how much disk space it'll use).

So, using Ubuntu with original files only and some music downloads, what's the risk? How do rootkits get installed?

EDIT: I just installed and updated Ubuntu, no software (besides hunters) installed.

The warnings I got from rkhunter:

/usr/bin/unhide.rb [ Warning ]  
Checking for hidden files and directories [ Warning ] 
guntbert
Amanda

1 Answer

7

rkhunter will trigger a warning any time you add an application. In this case, it's getting upset about (ironically) the security tool unhide.rb.

When you knowingly install software, you'll need to run sudo rkhunter --propupd in order to update rkhunter, so it knows what you've "okayed".

That said, rkhunter is largely for servers, which don't typically have a lot of system changes beyond initial setup. If you want something to protect against malware, you might want to consider something like BitDefender or ClamAV, something designed for desktop use.

Additionally, you may be interested in this related question, which goes into detail about Linux and malware, and why Linux is generally less prone to getting infected.

Shauna
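The baseline behaviour this answer describes, as an added example that is not part of the original answer and is not rkhunter's own code: a simplified hash baseline that flags a newly added file until the baseline is refreshed, which is the role `--propupd` plays. The function names, the `props.dat` file and the directory contents are constructed for illustration.

```shell
#!/bin/sh
# Simplified model of a file-properties baseline. This is NOT rkhunter's code
# or database format; function names and file layout are assumptions.

# snapshot DIR: print "hash  ./path" for every regular file in DIR, sorted by path.
snapshot() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 )
}

# baseline_update DIR DB: accept the current state of DIR as known-good
# (the role "rkhunter --propupd" plays).
baseline_update() {
    snapshot "$1" > "$2"
}

# baseline_check DIR DB: print a warning for each new or changed file.
# Returns 1 if anything was flagged, 0 otherwise.
baseline_check() {
    status=0
    current=$(mktemp)
    snapshot "$1" > "$current"
    while read -r hash path; do
        known=$(awk -v p="$path" '$2 == p { print $1 }' "$2")
        if [ -z "$known" ]; then
            echo "Warning: $path is not in the baseline"
            status=1
        elif [ "$known" != "$hash" ]; then
            echo "Warning: $path hash changed"
            status=1
        fi
    done < "$current"
    rm -f "$current"
    return "$status"
}

# Constructed demo: a tiny fake "bin" directory (file names without spaces).
demo() {
    root=$(mktemp -d)
    mkdir "$root/bin"
    echo 'original binary' > "$root/bin/ls"
    baseline_update "$root/bin" "$root/props.dat"
    echo 'ruby script' > "$root/bin/unhide.rb"           # newly installed tool
    baseline_check "$root/bin" "$root/props.dat" || true  # flags ./unhide.rb
    baseline_update "$root/bin" "$root/props.dat"         # only after verifying the file
    baseline_check "$root/bin" "$root/props.dat" && echo "No warnings"
    rm -rf "$root"
}
demo
```

Refreshing the baseline accepts whatever is on disk at that moment, so confirm that a flagged file really came from a package you installed before running the update.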