Hi,
Since the last update, both the SME servers I have under test have been giving the same rootkit warnings. They both complain about:
04:03:56] Warning: Suspicious file types found in /dev:
[04:03:56] /dev/shm/suspscan.14067.strings: ASCII text, with very long lines
and some files:
[04:03:28] Warning: File '/tmp/sa-update.log' (score: 253) contains some suspicious content and should be checked.
[04:03:31] File checked: Name: '/tmp/sess_28a16ea58154fec612c7aa9e389cfb71' Score: 221
[04:03:31] Warning: File '/tmp/sess_28a16ea58154fec612c7aa9e389cfb71' (score: 221) contains some suspicious content and should be checked.
[04:03:33] File checked: Name: '/tmp/sess_2c4af0ab7b253f31a63d18568d823846' Score: 221
[04:03:33] Warning: File '/tmp/sess_2c4af0ab7b253f31a63d18568d823846' (score: 221) contains some suspicious content and should be checked.
Doing a cat shows that the file in /dev/ appears to be related to Hord and the others are not clear. I think that this is OK but I thought I had better ask - it is OK - what should I do to stop the warnings?
Regards
Rob