Hello all,
I am finishing up the PBX server for my company. .
I am into the security hardening stage now and decided to use RKhunter
along with other packages.
The problem I am having is that I am not able to whitelist the files and dir into /tmp
. I am sure those are false positive and using RTKT_FILE_WHITELIST
and RTKT_DIR_WHITELIST
doesn’t work (anyway I don’t want to whitelist /tmp
directory)
Any idea on how to whitelist those files or how to mark them safe?
Warning: File ‘/tmp/phpEjILIz’ (score: 253) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpelquRq’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpOiMS8O’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpBGEqFM’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/php3zfb7T’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/v8-compile-cache-995/6.2.414.54/zSvarzSwwwzShtmlzSadminzSmoduleszSpm2zSnodezSnode_moduleszSpm2zSbinzSpm2.BLOB’ (score: 205) contains some suspicious content and should be checked.
Warning: File ‘/tmp/v8-compile-cache-995/6.2.414.54/zSvarzSwwwzShtmlzSadminzSmoduleszSpm2zSnodezSnode_moduleszSpm2zSbinzSpm2.MAP’ (score: 251) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpQK2ajE’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/firewall.log’ (score: 201) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpUFR7LL’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/php4l3iw1’ (score: 253) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phptMyA7X’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/php0aBb1b’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpGAsYjf’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/php6f77yl’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpRXGd0X’ (score: 253) contains some suspicious content and should be checked.
Warning: File ‘/tmp/php8NqJQB’ (score: 253) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpmpfpOS’ (score: 295) contains some suspicious content and should be checked.
Warning: File ‘/tmp/systemd-private-131fde19727c464db6994c36fb113352-httpd.service-1ozvpv/tmp/v8-compile-cache-995/6.2.414.54/zSvarzSwwwzShtmlzSadminzSmoduleszSpm2zSnodezSnode_moduleszSpm2zSbinzSpm2.BLOB’ (score: 205) contains some suspicious content and should be checked.
Warning: File ‘/tmp/systemd-private-131fde19727c464db6994c36fb113352-httpd.service-1ozvpv/tmp/v8-compile-cache-995/6.2.414.54/zSvarzSwwwzShtmlzSadminzSmoduleszSpm2zSnodezSnode_moduleszSpm2zSbinzSpm2.MAP’ (score: 251) contains some suspicious content and should be checked.
Warning: File ‘/tmp/phpLCqxO9’ (score: 205) contains some suspicious content and should be checked.
Thank you
Fab