Hi .. on a new Centos 6.5 64bit install with Plesk 12 and ASL . I get this in my daily rkhunter email:
Warning: Suspicious file types found in /dev:
/dev/.udev/db/input:mouse1: ASCII text
/dev/.udev/db/input:js0: ASCII text
/dev/.udev/db/input:mouse0: ASCII text
/dev/shm/SharedLockManagerStorage_v2-3301011b82: data
I have read the ASL wiki and googled some. I believe I can safely whitelist the input* stuff. I was not able to find any info on the last line though.
Its details:
-rw-rw---- 1 root lock-manager 8388608 Sep 28 12:56 SharedLockManagerStorage_v2-3301011b82
Can anyone comment on this file?
Thanks,
CCIS
rkhunter /dev/shm/SharedLockManagerStorage
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: rkhunter /dev/shm/SharedLockManagerStorage
Thats the first Ive seen it too, whats in the file?
Re: rkhunter /dev/shm/SharedLockManagerStorage
Looks like the filename changed..
[root@Plesk12 shm]# pwd
/dev/shm
[root@Plesk12 shm]# ll
total 12
-rw-rw---- 1 root lock-manager 8388608 Oct 1 12:12 SharedLockManagerStorage_v2-ace7be0b6c
[root@Plesk12 shm]# strings SharedLockManagerStorage_v2-ace7be0b6c
SharedLockContainer
SharedSleepers
SharedAuthorizer
44015_0x2d05650
ice/dns
854c
44015_0x2d05650
root
ice/dns
90466eeb854c
941f
root/client.1
854c
/global/service
90466eeb854c
bfcf23fd941f
on.2
90466eeb854c
root/client.2
854c
90466eeb854c
on.2
6403
90466eeb854c
root/global
854c
90466eeb854c
'root/global/service
854c
90466eeb854c
90466eeb854c
root/plan.5
854c
90466eeb854c
90466eeb854c
root/plan.6
90466eeb854c
90466eeb854c
90466eeb854c
'root/subscription.2
90466eeb854c
90466eeb854c
root/subscription.2/service
90466eeb854c
ice/dns
90466eeb854c
[root@Plesk12 shm]# pwd
/dev/shm
[root@Plesk12 shm]# ll
total 12
-rw-rw---- 1 root lock-manager 8388608 Oct 1 12:12 SharedLockManagerStorage_v2-ace7be0b6c
[root@Plesk12 shm]# strings SharedLockManagerStorage_v2-ace7be0b6c
SharedLockContainer
SharedSleepers
SharedAuthorizer
44015_0x2d05650
ice/dns
854c
44015_0x2d05650
root
ice/dns
90466eeb854c
941f
root/client.1
854c
/global/service
90466eeb854c
bfcf23fd941f
on.2
90466eeb854c
root/client.2
854c
90466eeb854c
on.2
6403
90466eeb854c
root/global
854c
90466eeb854c
'root/global/service
854c
90466eeb854c
90466eeb854c
root/plan.5
854c
90466eeb854c
90466eeb854c
root/plan.6
90466eeb854c
90466eeb854c
90466eeb854c
'root/subscription.2
90466eeb854c
90466eeb854c
root/subscription.2/service
90466eeb854c
ice/dns
90466eeb854c