I found a detailed log in /var/log/rkhunter/rkhunter.log.
I have extracted from the log the parts that I think need our attention:
warning
[03:19:57] Warning: Checking for prerequisites [ Warning ]
[03:19:57] The file of stored file properties (rkhunter.dat) does not exist, and should be created. To do this type in 'rkhunter --propupd'.
[03:19:57] Info: The file properties check will still run as there are checks that can be performed without the rkhunter.dat file.
warning
[03:19:57] Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
is used, all the files on their system are known to be genuine, and installed from a
reliable source. The rkhunter '--check' option will compare the current file properties
against previously stored values, and report if any values differ. However, rkhunter
cannot determine what has caused the change, that is for the user to do.
Unable to find 'skdet' command
[03:21:49] Performing Suckit Rookit additional checks
[03:21:49] Checking hard link count on '/sbin/init' [ OK ]
[03:21:50] Checking for hidden file extensions [ None found ]
[03:21:50] Running skdet command [ Skipped ]
[03:21:50] Info: Unable to find the 'skdet' command
[03:21:50] Suckit Rookit additional checks [ OK ]
tripwire not installed
[03:22:49] Checking for software intrusions [ Skipped ]
[03:22:49] Info: Check skipped - tripwire not installed
Check skipped - file '/etc/inetd.conf' does not exist.
[03:22:49] Info: Starting test name 'trojans'
[03:22:49] Performing trojan specific checks
[03:22:50] Checking for enabled inetd services [ Skipped ]
[03:22:50] Info: Check skipped - file '/etc/inetd.conf' does not exist.
Warning
Checking for enabled xinetd services [ Warning ]
[03:22:52] Warning: Found enabled xinetd service: /etc/xinetd.d/pureftp
[03:22:53] Checking for Apache backdoor [ Not found ]
warning
[03:22:53] Info: Starting test name 'os_specific'
[03:22:53] Performing Linux specific checks
[03:22:53] Checking loaded kernel modules [ Warning ]
[03:22:53] Warning: No output found from the lsmod command or the /proc/modules file:
[03:22:53] /proc/modules output:
[03:22:53] lsmod output:
Unable to find the 'unhide-tcp' command
Info: Starting test name 'hidden_ports'
[03:22:59] Checking for hidden ports [ Skipped ]
[03:22:59] Info: Unable to find the 'unhide-tcp' command
warning
[03:23:06] Warning: The SSH and rkhunter configuration options should be the same:
[03:23:06] SSH configuration option 'PermitRootLogin': without-password
[03:23:06] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': unset
Summary
[03:23:12] System checks summary
[03:23:12] =====================
[03:23:12]
[03:23:12] File properties checks...
[03:23:12] Required commands check failed
[03:23:12] Files checked: 139
[03:23:12] Suspect files: 0
[03:23:12]
[03:23:12] Rootkit checks...
[03:23:12] Rootkits checked : 308
[03:23:12] Possible rootkits: 0
[03:23:13]
[03:23:13] Applications checks...
[03:23:13] All checks skipped
[03:23:13]
[03:23:13] The system checks took: 3 minutes and 30 seconds
[03:23:13]
[03:23:13] Info: End date is Sun Aug 18 03:23:13 BST 2013
warning
---------------------- Start Rootkit Hunter Scan ----------------------
Warning: Checking for prerequisites [ Warning ]
The file of stored file properties (rkhunter.dat) does not exist, and should be created. To do this type in 'rkhunter --propupd'.
Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
is used, all the files on their system are known to be genuine, and installed from a
reliable source. The rkhunter '--check' option will compare the current file properties
against previously stored values, and report if any values differ. However, rkhunter
cannot determine what has caused the change, that is for the user to do.
Warning: Found enabled xinetd service: /etc/xinetd.d/pureftp
Warning: No output found from the lsmod command or the /proc/modules file:
/proc/modules output:
lsmod output:
Warning: The SSH and rkhunter configuration options should be the same:
SSH configuration option 'PermitRootLogin': without-password
Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': unset
----------------------- End Rootkit Hunter Scan -----------------------
Thanks in advance for any feedback on any of the above extracts from the log.