Displaying 20 results from an estimated 2000 matches similar to: "Security Guide for CentOS/RHEL"
2006 Mar 11
4
Centosplus & CentOS Extras, Enlarge your tent
I think Jim (the other one) is doing a marvellous job with extras and
plus but he needs to expand the size of his tent. A sensible package
policy in extras/plus repo will mean fewer temptations to install 3rd
party repo's that can break your system. Some of the packages i
would like to see are :-
- MySQL 5 rpms
- php 5 rpms (already provided)
- Open Office 2.0 rpms
- webmin
- rkhunter
-
2015 Aug 07
2
semi-OT: rkhunter, fix "broken links"
Hi, folks,
rkhunter is reporting a broken link on one of our servers. This is
quite reasonable, since it's on a drive whose controller card I have
declared dead the other day. I've been googling, searching in the
manpage, and I've done an rkhunter --propupd, but it still finds the
broken link. Anyone know how to remove the link from the rkhunter d/b?
mark
2006 Dec 02
1
How to install rkhunter properly
Hi list,
after a bit of struggling I found out how to cleanly install rkhunter
... maybe this is useful for you:
* Download rkhunter (I downloaded v 1.2.8)
* mv /etc/rpm/platform /root/etc_rpm_platform
* setarch i386 rpmbuild -ta --target=i386 rkhunter-1.2.8.tar.gz
* mv /root/etc_rpm_platform /etc/rpm/platform
* rpm -ivh /usr/src/redhat/RPMS/noarch/rkhunter-1.2.8-1.noarch.rpm
* wget
2019 Nov 14
2
how to know when a system is compromised
I have not, I'll look into that one, thanks!
On 11/14/2019 9:48 AM, SternData wrote:
> Do you run rkhunter?
>
> On 11/14/19 9:40 AM, Christopher Wensink wrote:
>> How do you know when a Linux system has been compromised??
>>
>> Every day I watch our systems with all the typical tools, ps, top, who,
>> I watch firewall / IPS logs, I have logwatch setup and
2017 Aug 30
4
rkhunter and prelink
Can't remember if I posted this before... We're getting warnings from
rkhunterWarning: Checking for prerequisites [ Warning ]
All file hash checks will be skipped because:
This system uses prelinking, but the hash function command does not
look like SHA1 or MD5.
Now, googling, I find people saying to rm /etc/prelink.cache, then run
rkhunter --propupd.
Works. And then,
2012 May 30
1
snmpd not working well with selinux?
Hello,
I am trying to use SNMP on a CentOS 6.2 server, and am using the
'pass_persist' configuration command:
pass_persist .1.3.6.1.4.1.141.1 /usr/local/sbin/snmp-iostat
I have set the file context of 'snmpd_exec_t' on the snmp-iostat
program.
If I disable SELinux, then it all works fine (that is, I can then
snmpget/snmpwalk for OIDs in the configured pass_persist OID,
2012 Oct 10
2
Perl - strict.pm not found
Hello,
I installed the ClamAV package onto a CentOS 6.3 server using yum. I
then modified the /etc/freshclam.conf file to run a perl script whenever
the ClamAV databases were updated:
OnUpdateExecute /usr/local/bin/xymon_event ...
The 'xymon_event' command is used on several servers, and generally
works with no problems. However, on this server when
the /etc/cron.daily/freshclam script
2008 Jan 13
3
Anti-Rootkit app
Hi all,
I need to install an anti-rootkid in a lot of servers. I know that
there're several options: tripwire, aide, chkrootkit...
?What do you prefer?
Obviously, I have to define my needs:
- easy setup and configuration
- actively developed
--
Thanks,
Jordi Espasa Clofent
2012 Sep 28
1
Changes to inodes discovered by aide
Hi.
On one of my servers aide just reported inode changes to a large bunch of files in a variety of directories, e.g. /usr/bin, /usr/sbin etc. This machine sits behind a couple of firewalls and it would be hard to get to.
The day before I updated "clam*" and updated the aide database right after that:
-rw------- 1 root root 7407412 Sep 26 10:58 aide.db.gz
The problem was that the
2006 Jun 14
3
Tripwire for CentOS
Hi,
I literally have about 36 machines running CentOS on a private network,
and will probably change the remaining 30 or so away from Whitebox or RH
in the near term.
One thing I just noticed was when I tried to search out Tripwire RPM's,
that none seemed evident.
Can anyone point me in the direction of an Tripwire RPM that works with
CentOS 4.3, or advise me on how to create one from the
2008 Sep 02
2
Backup and reinstall a CentOS server
I've got a CentOS server that crashes due to a bad hard disk. I have got a spare disk and need to format and reinstall CentOS from the SERVER CD. Backup and reinstall is a major PITA because of some of the customisations that I've done e.g. the DNS Server is set to log queries (the default does not do this). Any tips on :-
- backing up and reinstalling (is a script available)?
- is the
2006 Oct 30
2
Problem rkhunter v. 1.2.8 - CENTOS 4
Dear Friends,
I am using CENTOS 4.3 - kernel 2.6.9-42.0.2.EL with rkhunter version
1.2.8, but the rkhunter program show me problem on file /bin/kill.
I compare files /bin/kill with other CENTOS 4 and it has same size.
====================== SHOE LOG ===========================
Rootkit Hunter 1.2.8 is running
Mon, 30 Oct 2006 12:56:44 -0200
Determining OS... Ready
Checking binaries
*
2006 Jun 12
3
Check integrity or rootkits on remote server?
Hello,
when one has physical access to a computer, he
can run something like tripwire, with keys and
checksum on a separate, write-only media, to
verify the integrity of the system.
What if the system is a remote one (in my case
Centos 4.3 on a User Mode Linux VPS some hundred
of KMs from here)?
Does it still make sense to run tripwire remotely?
If yes, how, since you cannot plug a floppy or
2008 Oct 14
3
Squid Number of hits
Dear all,
I am running squid on centos 5.Is there is any tool to calculate
number of ip's hit the server for month wise.
Even any command to find out the number of hits is also ok.
Regards,
Lingu
2017 Aug 30
1
rkhunter and prelink
in my prior message, that should be in rkhunter.conf
On Wed, Aug 30, 2017 at 11:43 AM, Tony Schreiner <anthony.schreiner at bc.edu>
wrote:
> This has come up for me on the most recent upgrade, add the line
>
> HASH_CMD=sha1sum
>
> On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote:
>
>> Can't remember if I posted this before... We're getting
2009 Nov 28
6
AIDE or OSSEC on CentOS 5.4 x86_64?
Starting with a fresh load and after I finish hardening the load
following the Center for Internet Security (CIS) guidance, I'm wondering
whether AIDE or OSSEC would be a better intrusion detection system.
I installed AIDE and did a quick test of AIDE and after initializing the
db and applying the recent cups update, I found that 1700+ files had
changed. Those are a lot of changes to wade
2015 Aug 07
0
semi-OT: rkhunter, fix "broken links"
On Fri, 2015-08-07 at 09:45 -0400, m.roth at 5-cent.us wrote:
> Hi, folks,
>
> rkhunter is reporting a broken link on one of our servers. This is
> quite reasonable, since it's on a drive whose controller card I have
> declared dead the other day. I've been googling, searching in the
> manpage, and I've done an rkhunter --propupd, but it still finds the
>
2014 Jan 17
1
rkhunter
I updated java-1.7.0-openjdk a few hours ago - it *was* listed as a
critical security update, and I don't want yelling from rkhunter. The man
page tells me I can tell it rkhunter --propupd <package name>... but it
doesn't know the name above as a package. Been googling a bit, and cannot
find a good example of a package (other than the manpage's coreutil).
Anyone got an example,
2014 Feb 20
2
Monitor Wireless Networks
Hi,
I am having interference with my neighbouring wireless networks.
Is there a linux tool that enables me to monitor the ESSID, channel,
power output and other information for neighbouring wireless networks?
I am especially interested in the channel so I can choose a different one.
Thank you,
Joe
2008 Sep 13
1
Newbies to CentOS List
Guidelines for CentOS Mailing List posts
* Mailing List Etiquette
* How To Ask Questions The Smart Way
* Quoting Style
* Why is Bottom-posting better than Top-posting
1. Please turn off HTML in your e-mail client for these mailing lists.
We have several subscribers who read the list with text only readers
and they can't easily read html formatted e-mails. There is a place
(somewhere) for