0
maybe someone can help me makes sense if these scan results are something to be worried about and if so, how to fix them. I seems that I do not have any viruses (check with Sophos AV) or rootkits, but some security related vulnerabilities.
I'm on OSX 10.9.1
Thanks!
Checking for promiscuous interfaces [ Warning ]
Possible promiscuous interfaces:
'ifconfig' command output: en4: flags=8963 mtu 1500
en3: flags=8963 mtu 1500
Checking the local host...
Performing group and account checks
Checking for passwd file [ Found ]
Checking for root equivalent (UID 0) accounts [ None found ]
Checking for passwordless accounts [ None found ]
Checking for passwd file changes [ Warning ]
Unable to check for passwd file differences: no copy of the passwd file exists.
Checking for group file changes [ Warning ]
Unable to check for group file differences: no copy of the group file exists.
Checking root account shell history files [ None found ]
Performing system configuration file checks
Checking for SSH configuration file [ Found ]
Checking if SSH root access is allowed [ OK ]
Checking if SSH protocol v1 is allowed [ Warning ]
The SSH configuration option 'Protocol' has not been set.
Checking for running syslog daemon [ Found ]
Checking for syslog configuration file [ Found ]
Checking if syslog remote logging is allowed [ Warning ]
Syslog configuration file allows remote logging: install.* @127.0.0.1:XXXXX
Performing filesystem checks
Checking /dev for suspicious file types [ Warning ]
Suspicious file types found in /dev:
/dev/fd/6: MS Windows icon resource
/dev/fd/7: MS Windows icon resource
Checking for hidden files and directories [ Warning ]
Hidden file found: /etc/.sudoers.tmp.swp: Vim swap file, version 7.3
The tool should provide more information on the warning itself. Post that information. In any event, I would assume since your only getting warnings, that the tool didn't find any problems – Ramhound – 2014-01-03T19:29:43.613
Thanks, but the log file didn't provide any further infos. – VforVendetta – 2014-01-03T19:34:01.920
2
Seems like this tool is known for its ability to confuse normal users ( http://superuser.com/questions/2723/rootkit-hunter-warnings-on-mac-os-x?rq=1 ) I suggest you simply remove it from your utility belt.
– Ramhound – 2014-01-03T19:35:46.603Thx, didn't even see that question : ) – VforVendetta – 2014-01-03T19:36:55.637