unlogged changes to certutil and others

Post Reply
karunadave
Junior Member
Posts: 2
Joined: 27 May 2012, 18:06

unlogged changes to certutil and others

Post by karunadave »

Yesterday I received from lfd system integrity check
/usr/bin/certutil: FAILED
/usr/bin/cmsutil: FAILED
/usr/bin/crlutil: FAILED
/usr/bin/modutil: FAILED
/usr/bin/pk12util: FAILED
/usr/bin/signtool: FAILED
/usr/bin/signver: FAILED
/usr/bin/ssltap: FAILED
/usr/sbin/nscd: FAILED

No record of a change in the CPanel update logs (/var/cpanel/updatelogs) can be found.

Previously have found entries in the update logs with these integrity check are done (or if I have updated something myself.

I am worried, should I now panic? :eek:
sawbuck
Junior Member
Posts: 366
Joined: 10 Dec 2006, 16:20

Re: unlogged changes to certutil and others

Post by sawbuck »

I'd say it depends on what platform you're on. In my experience, vps servers for instance, OS level updates can be initiated by the host that LFD may recognize but cPanel doesn't.
karunadave
Junior Member
Posts: 2
Joined: 27 May 2012, 18:06

Re: unlogged changes to certutil and others

Post by karunadave »

I checked, it is an un-managed VPS, they say they don't modify OS files.

So, time to hit the panic button. I don't seem to have rights to post to the CPanel forums (although I do have a logon) to ask if these files have been modified in an unlogged way.
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: unlogged changes to certutil and others

Post by ForumAdmin »

The simplest way to look into these is with:

Code: Select all

# rpm -qf /usr/bin/modutil
nss-tools-3.13.6-3.el5_9

Code: Select all

# rpm -qi nss-tools
Name        : nss-tools                    Relocations: (not relocatable)
Version     : 3.13.6                            Vendor: CentOS
Release     : 3.el5_9                       Build Date: Thu 31 Jan 2013 09:04:27 PM GMT
Install Date: Fri 01 Feb 2013 12:06:37 AM GMT      Build Host: builder17.centos.org
Group       : System Environment/Base       Source RPM: nss-3.13.6-3.el5_9.src.rpm
Size        : 2692696                          License: MPLv1.1 or GPLv2+ or LGPLv2+
Signature   : DSA/SHA1, Thu 31 Jan 2013 09:57:43 PM GMT, Key ID a8a447dce8562897
URL         : http://www.mozilla.org/projects/security/pki/nss/
Summary     : Tools for the Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

Install the nss-tools package if you need command-line tools to
manipulate the NSS certificate and key database.
Note the Install Date.
Post Reply