Hi,
Did you find a solution for this. I installed RkHunter and it is giving error on Bad Hashes
/bin/cat [ BAD ]
/bin/chmod [ BAD ]
/bin/chown [ BAD ]
/bin/date [ BAD ]
/bin/dmesg [ BAD ]
/bin/env [ BAD ]
/bin/grep [ OK ]
/bin/kill [ BAD ]
/bin/login [ BAD ]
/bin/ls [ BAD ]
/bin/more [ BAD ]
/bin/mount [ BAD ]
/bin/netstat [ OK ]
/bin/ps [ OK ]
/bin/su [ BAD ]
/sbin/chkconfig [ OK ]
/sbin/depmod [ OK ]
/sbin/ifconfig [ OK ]
/sbin/init [ OK ]
/sbin/insmod [ OK ]
/sbin/ip [ OK ]
/sbin/modinfo [ OK ]
/sbin/runlevel [ OK ]
/sbin/sulogin [ OK ]
/sbin/sysctl [ OK ]
/sbin/syslogd [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/du [ BAD ]
/usr/bin/file [ OK ]
/usr/bin/find [ OK ]
/usr/bin/head [ BAD ]
/usr/bin/kill [ BAD ]
/usr/bin/killall [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/md5sum [ BAD ]
/usr/bin/passwd [ OK ]
/usr/bin/pstree [ OK ]
/usr/bin/sha1sum [ BAD ]
/usr/bin/slocate [ OK ]
/usr/bin/stat [ BAD ]
/usr/bin/strings [ OK ]
/usr/bin/top [ OK ]
/usr/bin/users [ BAD ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ BAD ]
/usr/bin/wget [ OK ]
/usr/bin/whereis [ BAD ]
/usr/bin/who [ BAD ]
/usr/bin/whoami [ BAD ]
/usr/sbin/xinetd [ OK ]
Is it something really BAD for the box? Where does RKHUnter gets the hashes.
Most of them are linked to coreutils-4.5.3-28.1 and util-linux-2.11y-31.18
I found that /usr/local/rkhunter/lib/rkhunter/db/defaulthashes.dat contains the hash values for a specific distribution e.g for RedHat Enterprise the OS ID is 722.
Do we know that from where rkhunter gets the values for these hashes?
The version number of Redhat on the box is 2.4.21-47.ELsmp
You think the reason I am getting these errors is because of the New Released Version of Redhat Enterprise Edition
On the another server where I am running coreutils-4.5.3-28, I dont see any errors from rkhunter.
Any help would be really appreciated.
Did you find a solution for this. I installed RkHunter and it is giving error on Bad Hashes
/bin/cat [ BAD ]
/bin/chmod [ BAD ]
/bin/chown [ BAD ]
/bin/date [ BAD ]
/bin/dmesg [ BAD ]
/bin/env [ BAD ]
/bin/grep [ OK ]
/bin/kill [ BAD ]
/bin/login [ BAD ]
/bin/ls [ BAD ]
/bin/more [ BAD ]
/bin/mount [ BAD ]
/bin/netstat [ OK ]
/bin/ps [ OK ]
/bin/su [ BAD ]
/sbin/chkconfig [ OK ]
/sbin/depmod [ OK ]
/sbin/ifconfig [ OK ]
/sbin/init [ OK ]
/sbin/insmod [ OK ]
/sbin/ip [ OK ]
/sbin/modinfo [ OK ]
/sbin/runlevel [ OK ]
/sbin/sulogin [ OK ]
/sbin/sysctl [ OK ]
/sbin/syslogd [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/du [ BAD ]
/usr/bin/file [ OK ]
/usr/bin/find [ OK ]
/usr/bin/head [ BAD ]
/usr/bin/kill [ BAD ]
/usr/bin/killall [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/md5sum [ BAD ]
/usr/bin/passwd [ OK ]
/usr/bin/pstree [ OK ]
/usr/bin/sha1sum [ BAD ]
/usr/bin/slocate [ OK ]
/usr/bin/stat [ BAD ]
/usr/bin/strings [ OK ]
/usr/bin/top [ OK ]
/usr/bin/users [ BAD ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ BAD ]
/usr/bin/wget [ OK ]
/usr/bin/whereis [ BAD ]
/usr/bin/who [ BAD ]
/usr/bin/whoami [ BAD ]
/usr/sbin/xinetd [ OK ]
Is it something really BAD for the box? Where does RKHUnter gets the hashes.
Most of them are linked to coreutils-4.5.3-28.1 and util-linux-2.11y-31.18
I found that /usr/local/rkhunter/lib/rkhunter/db/defaulthashes.dat contains the hash values for a specific distribution e.g for RedHat Enterprise the OS ID is 722.
Do we know that from where rkhunter gets the values for these hashes?
The version number of Redhat on the box is 2.4.21-47.ELsmp
You think the reason I am getting these errors is because of the New Released Version of Redhat Enterprise Edition
On the another server where I am running coreutils-4.5.3-28, I dont see any errors from rkhunter.
Any help would be really appreciated.
Last edited:
