Displaying 20 results from an estimated 1000 matches similar to: "How to install rkhunter properly"
2006 Oct 30
2
Problem rkhunter v. 1.2.8 - CENTOS 4
Dear Friends,
I am using CENTOS 4.3 - kernel 2.6.9-42.0.2.EL with rkhunter version
1.2.8, but the rkhunter program show me problem on file /bin/kill.
I compare files /bin/kill with other CENTOS 4 and it has same size.
====================== SHOE LOG ===========================
Rootkit Hunter 1.2.8 is running
Mon, 30 Oct 2006 12:56:44 -0200
Determining OS... Ready
Checking binaries
*
2015 Aug 07
2
semi-OT: rkhunter, fix "broken links"
Hi, folks,
rkhunter is reporting a broken link on one of our servers. This is
quite reasonable, since it's on a drive whose controller card I have
declared dead the other day. I've been googling, searching in the
manpage, and I've done an rkhunter --propupd, but it still finds the
broken link. Anyone know how to remove the link from the rkhunter d/b?
mark
2017 Aug 30
1
rkhunter and prelink
in my prior message, that should be in rkhunter.conf
On Wed, Aug 30, 2017 at 11:43 AM, Tony Schreiner <anthony.schreiner at bc.edu>
wrote:
> This has come up for me on the most recent upgrade, add the line
>
> HASH_CMD=sha1sum
>
> On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote:
>
>> Can't remember if I posted this before... We're getting
2014 Jan 17
1
rkhunter
I updated java-1.7.0-openjdk a few hours ago - it *was* listed as a
critical security update, and I don't want yelling from rkhunter. The man
page tells me I can tell it rkhunter --propupd <package name>... but it
doesn't know the name above as a package. Been googling a bit, and cannot
find a good example of a package (other than the manpage's coreutil).
Anyone got an example,
2017 Aug 30
4
rkhunter and prelink
Can't remember if I posted this before... We're getting warnings from
rkhunterWarning: Checking for prerequisites [ Warning ]
All file hash checks will be skipped because:
This system uses prelinking, but the hash function command does not
look like SHA1 or MD5.
Now, googling, I find people saying to rm /etc/prelink.cache, then run
rkhunter --propupd.
Works. And then,
2017 Aug 30
2
rkhunter and prelink
On Wed, August 30, 2017 10:43 am, Tony Schreiner wrote:
> This has come up for me on the most recent upgrade, add the line
>
> HASH_CMD=sha1sum
>
> On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote:
>
>> Can't remember if I posted this before... We're getting warnings from
>> rkhunterWarning: Checking for prerequisites [ Warning
2006 Feb 18
0
Does your rkhunter do an md5 check?
I rebuilt rkhunter-1.2.8-1.noarch.rpm by using the spec and tgz from
the rkhunter site (www.rootkit.nl). (I rebuilt it using his
instructions.) However rkhunter does not do an md5 check. The box
used to have fedora and each time there were updates it would
complain that the some of the md5's don't match. I contacted the
author using his contact feature on Wednesday but he hasn't
2014 Apr 17
0
semi-OT:R and rkhunter
The latest version of rkhunter is complaining about "suspicious file
types" in /dev/shm. Thing is, they're being created on the fly by R, and
then seem to be a random name (5d1f...), and I have zero expectation that
R will only create shm files beginning with those characters.
For those running rkhunter, if you've run into something like this, how
have you handled it - told
2014 May 15
0
Fwd: For the CentOS list: rkhunter and NFS
---------- Forwarded message ----------
From: <m.roth at 5-cent.us>
Date: Thu, May 15, 2014 at 3:40 PM
Subject: For the CentOS list: rkhunter and NFS
To: lesmikesell at gmail.com
Hi, Les,
Could you forward this to the CentOS list? That damn nixspam is
blocking my hosting provider's mailhost *again*; it was on and off
yesterday, and today it won't even let me remove it, and
2014 Apr 30
0
rkhunter 1.4.2 (epel) unary operator expected -ne found
Anyone seeing this?
/etc/cron.daily/rkhunter:
/usr/bin/rkhunter: regel 13967: [: eenzijdige operator werd verwacht, -ne gevonden
Translating: line 13967 unary operator expected -ne found
Line 13967 is: if [ `${IPCS_CMD} -u 2>/dev/null | awk -F' ' '/segments allocated/ {print $3}'` -ne 0 ]; then
rkhunter 1.4.2 release 1.el6 from epel on a CentOS 6.5
Thanks
Patrick
2015 Aug 07
0
semi-OT: rkhunter, fix "broken links"
On Fri, 2015-08-07 at 09:45 -0400, m.roth at 5-cent.us wrote:
> Hi, folks,
>
> rkhunter is reporting a broken link on one of our servers. This is
> quite reasonable, since it's on a drive whose controller card I have
> declared dead the other day. I've been googling, searching in the
> manpage, and I've done an rkhunter --propupd, but it still finds the
>
2006 Dec 11
1
dovecot disconnect(s) / new facts
Hi,
I just tried the below with the current version 1.0 RC15 (from the
dovecot website) and I still got the Problem:
telnet gives me the following output:
-----8<-----8<-----8<-----SNIP-----8<-----8<-----8<-----
+OK dovecot ready.u-ERR invalid command u
s-ERR invalid command s
e-ERR invalid command e
r-ERR invalid command r
-ERR invalid command
u-ERR invalid command u
s-ERR
2006 Oct 01
0
Supermicro X6DH8-G2+ / sensors not working
Hello,
I'm having problems with lm_sensors on the motherboard Supermicro X6DH8-G2+
sensors-detect gives me the output attached in the textfile
sensors-detect-output.txt
As soon as I execute the recommended 'modprobe smbus-arp' I receive the
following message:
FATAL: Module smbus_arp not found.
When I execute sensors, I receive the following:
2006 Dec 11
1
Disconnects with proxies / new facts
Hi,
I just tried the below with the current version 1.0 RC15 and I still got
the Problem:
telnet gives me the following output:
-----8<-----8<-----8<-----SNIP-----8<-----8<-----8<-----
+OK dovecot ready.u-ERR invalid command u
s-ERR invalid command s
e-ERR invalid command e
r-ERR invalid command r
-ERR invalid command
u-ERR invalid command u
s-ERR invalid command s
e-ERR
2017 Aug 30
0
rkhunter and prelink
This has come up for me on the most recent upgrade, add the line
HASH_CMD=sha1sum
On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote:
> Can't remember if I posted this before... We're getting warnings from
> rkhunterWarning: Checking for prerequisites [ Warning ]
> All file hash checks will be skipped because:
> This system uses
2017 Aug 30
0
rkhunter and prelink
On Wed, 2017-08-30 at 11:03 -0500, Valeri Galtsev wrote:
> On Wed, August 30, 2017 10:43 am, Tony Schreiner wrote:
> > This has come up for me on the most recent upgrade, add the line
> >
> > HASH_CMD=sha1sum
> >
> > On Wed, Aug 30, 2017 at 11:15 AM, <m.roth at 5-cent.us> wrote:
> >
> > > Can't remember if I posted this before...
2017 Nov 06
1
How to detect botnet user on the server ?
Another alternative is to use a FIMS/HIDS such as Aide (Advanced Intrusion Detection Environment), OSSEC or Samhain. Be prepared to learn a lot about what your OS normally does behind the scenes (and thus a fair amount of initial fine tuning to exclude those things). Aide seems to work well (I've seen only one odd result) and is quite granular. However, it is local system based rather than
2007 Feb 14
1
php version 4.4 / ez publish
Hi list, is there any repository on this world where I can stick to and
update to a stable and hopefully secure and hopefully long supported
version 4.4 of php? EZ publish's software requirements as of the current
version tells me that it requires php 4.4 which doesn't meet what Centos
4.4 or its upstream provides. For a certain project I want to use ez
publish. Is there any solution
2008 Nov 27
2
Centos 5.2 install problem
Hi, I'm trying a fresh install on a x86_64 (Supermicro X7dbe, 2xIntel
Xeon X5450, 8 GB, 3WARE 9650SE-8LPML, 3 disks in RAID 5).
The format takes quite long (2,7 TB), that seems to be normal, but then
the first boot will not take place, instead the system loops. Any hints?
The message follows:
Regards
Michael
Mounting root filesystem.
mount: could not find filesystem '/dev/root'
2009 Feb 24
1
centos 4.7 / kvm
Hello,
I'm trying to install centos-4.7 under kvm (for legacy reasons). I can't
get the beast installed, it crashes (see output below).
I'm using:
qemu 0.9.1
kvm-72
libvirt-0.4.6
kernel 2.6.26
What can I do in order to get the installation being done?
The host is a x86_64 machine (debian5).
BTW, the installation for centos-5.2 works like a charm with the above
configuration.
TIA