System Integrity checking detected a modified system file

Posted by jackpx, 02-25-2011, 03:49 AM
Today I received the following email on my CentOS server:

The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:

/usr/bin/RSA_SecurID_getpasswd: FAILED
/usr/sbin/Kobil_mIDentity_switch: FAILED

We have not made any updates to the server today. Might this error indicate that the server was compromised? Thank you.

Posted by Rapid2214, 02-25-2011, 06:44 PM
Who owns them and when were they last modified?

Posted by jackpx, 02-25-2011, 08:11 PM
Thanks for your reply. http://i56.tinypic.com/e9956q.png

Posted by madaboutlinux, 02-26-2011, 04:24 AM
The file was indeed updated on 24th Feb; however, scan your server once again with ChkRootkit and Rkhunter, as LFD is known to generate false alarms. Also upgrade CSF/LFD to its latest version and perform a system integrity check again.

Posted by jackpx, 02-26-2011, 06:10 AM
http://rpmfind.net/linux/RPM/dag/red...rf.x86_64.html
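
Added example (not part of the thread and not CSF/LFD code): a shell sketch of the triage the replies ask for. It pulls the FAILED paths out of the alert text, then shows owner and modification time for each and, where `rpm` is installed, the owning package and its verification result. The function names and the sample alert text are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage files named in an LFD md5sum alert.
# Function names are hypothetical; the sample alert is constructed from the
# message quoted in the thread.

sample_alert() {
    cat <<'EOF'
The following list of files have FAILED the md5sum comparison test.
If the change is unexpected it should be investigated:
/usr/bin/RSA_SecurID_getpasswd: FAILED
/usr/sbin/Kobil_mIDentity_switch: FAILED
EOF
}

# Print each path that is followed by FAILED in alert text on stdin.
# The alert may be one entry per line or run together on one line, so split
# on whitespace first (paths containing spaces are not handled).
failed_paths() {
    tr -s '[:space:]' '\n' | awk '
        prev ~ /^\/.*:$/ && $0 == "FAILED" { sub(/:$/, "", prev); print prev }
        { prev = $0 }'
}

# Answer "who owns it and when was it last modified" for one path.
triage_file() {
    f=$1
    if [ ! -e "$f" ]; then
        echo "$f: missing"
        return 0
    fi
    # Owner, group, mode and modification time (GNU stat, as on CentOS).
    stat -c '%n owner=%U:%G mode=%a mtime=%y' "$f"
    if command -v rpm >/dev/null 2>&1; then
        # Package that installed the file; rpm reports it if none owns it.
        rpm -qf "$f" || true
        # Verify that package against the RPM database; a "5" in the flags
        # column means the file digest differs from the packaged one.
        rpm -Vf "$f" || true
    fi
}

# Demo on the constructed alert; on a real server, feed the saved email instead.
sample_alert | failed_paths | while read -r p; do
    triage_file "$p"
done
```

The RPM database sits on the same host as the flagged files, so on a machine that is already suspect, also compare the binaries against a package fetched from a trusted mirror.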
