similar to: semi-OT: rkhunter, fix "broken links"

On Fri, 2015-08-07 at 09:45 -0400, m.roth at 5-cent.us wrote: > Hi, folks, > > rkhunter is reporting a broken link on one of our servers. This is > quite reasonable, since it's on a drive whose controller card I have > declared dead the other day. I've been googling, searching in the > manpage, and I've done an rkhunter --propupd, but it still finds the >

Can't remember if I posted this before... We're getting warnings from rkhunterWarning: Checking for prerequisites [ Warning ] All file hash checks will be skipped because: This system uses prelinking, but the hash function command does not look like SHA1 or MD5. Now, googling, I find people saying to rm /etc/prelink.cache, then run rkhunter --propupd. Works. And then,

in my prior message, that should be in rkhunter.conf On Wed, Aug 30, 2017 at 11:43 AM, Tony Schreiner <anthony.schreiner at bc.edu> wrote: > This has come up for me on the most recent upgrade, add the line > > HASH_CMD=sha1sum > > On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote: > >> Can't remember if I posted this before... We're getting

I updated java-1.7.0-openjdk a few hours ago - it *was* listed as a critical security update, and I don't want yelling from rkhunter. The man page tells me I can tell it rkhunter --propupd <package name>... but it doesn't know the name above as a package. Been googling a bit, and cannot find a good example of a package (other than the manpage's coreutil). Anyone got an example,

Is there a step by step approach to securing CentOS 4X (or even RHEL 4X)? I don't mean the stuff in the docs/security guide but a working step by step guide? There used to be packages like rkhunter and tripwire but I don't know if the ones in rpmforge/kbs repo are up to date. Thanks, Josh.

On Wed, August 30, 2017 10:43 am, Tony Schreiner wrote: > This has come up for me on the most recent upgrade, add the line > > HASH_CMD=sha1sum > > On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote: > >> Can't remember if I posted this before... We're getting warnings from >> rkhunterWarning: Checking for prerequisites [ Warning

---------- Forwarded message ---------- From: <m.roth at 5-cent.us> Date: Thu, May 15, 2014 at 3:40 PM Subject: For the CentOS list: rkhunter and NFS To: lesmikesell at gmail.com Hi, Les, Could you forward this to the CentOS list? That damn nixspam is blocking my hosting provider's mailhost *again*; it was on and off yesterday, and today it won't even let me remove it, and

This has come up for me on the most recent upgrade, add the line HASH_CMD=sha1sum On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote: > Can't remember if I posted this before... We're getting warnings from > rkhunterWarning: Checking for prerequisites [ Warning ] > All file hash checks will be skipped because: > This system uses

On Wed, 2017-08-30 at 11:03 -0500, Valeri Galtsev wrote: > On Wed, August 30, 2017 10:43 am, Tony Schreiner wrote: > > This has come up for me on the most recent upgrade, add the line > > > > HASH_CMD=sha1sum > > > > On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote: > > > > > Can't remember if I posted this before...

Hi list, after a bit of struggling I found out how to cleanly install rkhunter ... maybe this is useful for you: * Download rkhunter (I downloaded v 1.2.8) * mv /etc/rpm/platform /root/etc_rpm_platform * setarch i386 rpmbuild -ta --target=i386 rkhunter-1.2.8.tar.gz * mv /root/etc_rpm_platform /etc/rpm/platform * rpm -ivh /usr/src/redhat/RPMS/noarch/rkhunter-1.2.8-1.noarch.rpm * wget

Dear Friends, I am using CENTOS 4.3 - kernel 2.6.9-42.0.2.EL with rkhunter version 1.2.8, but the rkhunter program show me problem on file /bin/kill. I compare files /bin/kill with other CENTOS 4 and it has same size. ====================== SHOE LOG =========================== Rootkit Hunter 1.2.8 is running Mon, 30 Oct 2006 12:56:44 -0200 Determining OS... Ready Checking binaries *

The latest version of rkhunter is complaining about "suspicious file types" in /dev/shm. Thing is, they're being created on the fly by R, and then seem to be a random name (5d1f...), and I have zero expectation that R will only create shm files beginning with those characters. For those running rkhunter, if you've run into something like this, how have you handled it - told

Hello, I am trying to use SNMP on a CentOS 6.2 server, and am using the 'pass_persist' configuration command: pass_persist .1.3.6.1.4.1.141.1 /usr/local/sbin/snmp-iostat I have set the file context of 'snmpd_exec_t' on the snmp-iostat program. If I disable SELinux, then it all works fine (that is, I can then snmpget/snmpwalk for OIDs in the configured pass_persist OID,

Hello, I installed the ClamAV package onto a CentOS 6.3 server using yum. I then modified the /etc/freshclam.conf file to run a perl script whenever the ClamAV databases were updated: OnUpdateExecute /usr/local/bin/xymon_event ... The 'xymon_event' command is used on several servers, and generally works with no problems. However, on this server when the /etc/cron.daily/freshclam script

Hello, We have MySQL running as a master which is replicating to a single slave server. We are, however, considering what is required when a 'disaster' of some sort happens to either server. By disaster, this could be some event which requires the entire server to be rebuilt, and which would usually include restoring from nightly backups directories such as '/var/lib/mysql' and

Dear all, I am running squid on centos 5.Is there is any tool to calculate number of ip's hit the server for month wise. Even any command to find out the number of hits is also ok. Regards, Lingu

Hello, I have just installed CentOS 7 onto two servers and applied all the current patches. There are currently two kernels installed: # rpm -q kernel kernel-3.10.0-123.el7.x86_64 kernel-3.10.0-123.9.3.el7.x86_64 However, if I reboot the servers they both start up on the older kernel: # uname -r 3.10.0-123.el7.x86_64 I would have expected them to restart using kernel 3.10.0-123.9.3. I know I

Starting with a fresh load and after I finish hardening the load following the Center for Internet Security (CIS) guidance, I'm wondering whether AIDE or OSSEC would be a better intrusion detection system. I installed AIDE and did a quick test of AIDE and after initializing the db and applying the recent cups update, I found that 1700+ files had changed. Those are a lot of changes to wade

Hi, I am having interference with my neighbouring wireless networks. Is there a linux tool that enables me to monitor the ESSID, channel, power output and other information for neighbouring wireless networks? I am especially interested in the channel so I can choose a different one. Thank you, Joe

Hy there, i have a centos (4.?) Box with nightly yum update enabled. Last night, it did an upgrade to 4.7 leading to several problem i.e. not respawning the dhcrelay, which is needed on this box. Can I control the update policy not to upgrade to new releases in the nightly updates? I would like do to nightly updates, but make release upgrades manual (I get a new kernel, so I have to reboot