Shamgar Posted February 19, 2005

I hope my "Enter" finger holds out!

Application advisories
* Application scan
   Checking Apache2 modules ... [ Not found ]
   Checking Apache configuration ... [ OK ]
* Application version scan
   - GnuPG 1.2.4 [ OK ]
   - OpenSSL 0.9.7d [ OK ]
   - Procmail MTA 3.22 [ OK ]
   - OpenSSH 3.8p1 [ OK ]

Security advisories
* Check: Groups and Accounts
   Searching for /etc/passwd... [ Found ]
   Checking users with UID '0' (root)... [ OK ]
* Check: SSH
   Searching for sshd_config...
   Found /etc/ssh/sshd_config
   Checking for allowed root login... [ OK (Remote root login permitted by explicit option) ]
   Checking for allowed protocols... [ Warning (SSH v1 allowed) ]
* Check: Events and Logging
   Search for syslog configuration... [ OK ]
   Checking for running syslog slave... [ OK ]
   Checking for logging to remote system... [ OK (no remote logging) ]

[Press <ENTER> to continue]

Bruno (Author) Posted February 19, 2005

LOL . . . Enter again . . .

Bruno

Shamgar Posted February 19, 2005

Looks like we are at the end . . .

---------------------------- Scan results ----------------------------

MD5
MD5 compared: 56
Incorrect MD5 checksums: 0

File scan
Scanned files: 342
Possible infected files: 0

Application scan
Vulnerable applications: 0

Scanning took 1699 seconds

Scan results written to logfile (/var/log/rkhunter.log)

-----------------------------------------------------------------------

Do you have some problems, undetected rootkits, false positives, ideas
or suggestions?
Please e-mail me by filling in the contact form (@http://www.rootkit.nl)

-----------------------------------------------------------------------

linux:/home/Shamgar #

Edited February 19, 2005 by Shamgar

trigggl Posted February 19, 2005

I love those smilies.

Bruno (Author) Posted February 19, 2005

Looks good Shamgar . . you are clear !!

Bruno

Shamgar Posted February 19, 2005

Thanks Bruno. Now do I close the terminal? Where am I going to find this when I try to add a toolbar button (Non KDE Application)?

trigggl: It's an extension from firefox called

Bruno (Author) Posted February 19, 2005

No no . . no toolbar button . . .

First: you have to run it as root ( and toolbar buttons are only for the user )

Second: you always need to run it in a terminal anyway to see the output ( and press <Enter> . . . LOL ! )

Yes you can close the terminal now . . your system is healthy and safe !

Bruno

Shamgar Posted February 19, 2005

So if I want to run this program I have to type in this:

linux:/home/Shamgar # /usr/local/bin/rkhunter -c --createlogfile

Have another round SuSE . . . . SuSE 9.1

Edited February 19, 2005 by Shamgar

Bruno (Author) Posted February 19, 2005

Nope you just type ( as root )

rkhunter -c --createlogfile

That is all . . . ( we made a new link remember ? and this time I did put the link in /usr/sbin . . where root can find it . . . so then just typing "rkhunter" with the options after it will do )

Bruno

Shamgar Posted February 19, 2005

Okay, thanks again! I am putting a note on my computer (also, copying to Open office). How often should I run this thing?

Bruno (Author) Posted February 19, 2005

Once every month will do Shamgar . . . . and if you suspect something fishy going on with your system and expect that it is compromised ( cracked )

Bruno

Shamgar Posted February 19, 2005

Okay. Thanks again, Bruno!

Bruno (Author) Posted February 19, 2005

You're welcome Shamgar !!

Bruno

Dard Posted September 9, 2005

24 May - Version 1.2.7 available
A new version with another update for the databases updater and additional OS support.
http://www.rootkit.nl/

muckshifter Posted July 10, 2006

Hey! don't blame me for the resurrection of this thread ... Scot did it.

Oh, and Suse 10.1 installs rkhunter fine via YaST ...

BillD Posted July 10, 2006

Where is the log file for this thing after you run it? When I type whereis logfile, it indicates it should be in my home, but where? When I enter "whereis rkhunter" I get: /usr/sbin/rkhunter /etc/rkhunter.conf /lib/rkhunter but in looking in these places, there is no logfile there that I can see.

Not to hijack this thread, but this points up a fundamental problem I have run into in Linux: I cannot find things I am looking for. Is there some better way, than using "whereis"?

Thank you.

Bill

Edited July 10, 2006 by BillD

Bruno (Author) Posted July 10, 2006

Hi Bill

Did you have a look at the output on your screen ?? At the end it says:

---------------------------- Scan results ----------------------------

MD5
MD5 compared: 38
Incorrect MD5 checksums: 0

File scan
Scanned files: 342
Possible infected files: 0

Application scan
Vulnerable applications: 0

Scanning took 130 seconds

Scan results written to logfile (/var/log/rkhunter.log)

-----------------------------------------------------------------------

Bruno

PS: I just created a special thread for questions about the Newsletter & Linux Explorer: http://forums.scotsnewsletter.com/index.php?showtopic=15774 please post your comments over there

striker Posted July 10, 2006

That was obvious.

BillD Posted July 10, 2006

As I told Bruno, it pays to read. I had been so busy looking at the stuff as it scrolled down the screen and wondering what a red warning was and also what the yellow on white stuff was, that by the time it reached the end, I failed to note the end. After finding the original log, I tried it again, and of course, there was the notice.

Thank you . . . sorry to ask something that should have been obvious . . . but wasn't to me!

Bill

Bruno (Author) Posted July 10, 2006

No problem at all Bill !

Bruno

striker Posted July 10, 2006

It happens to all of us Bill, including me. You should hear me sometimes yelling at myself 'you stupid %$##*:++_), are you blind?' Just last Friday I forgot to get in as root before doing a simple /sbin/lilo.... never happened before. We're just human.

teacher Posted July 10, 2006

Glad to see I am not the only one that does things like this.

striker Posted July 10, 2006

pssst Julia ... the others don't have the guts to admit ...

teacher Posted July 11, 2006

There is no point in me not admitting it. If you go back through this forum to three years ago (yikes already 3 years???) you will find threads where I asked 1000 questions and did a lot of dumb things! I can usually go awhile without doing something dumb these days.

Frank Golden Posted July 11, 2006

Neat tool

No GUI but I made launcher for program. Terminal shuts down at end of scan. But I can see problems before it does. If I see problems I can always re-run in terminal proper.

found some hidden files outside /home
/dev/.static/dev/./dev/.initramfs/dev/.udev/dev/.initramfs-tools /etc/.pwd.lock/etc/.java
and one unknown GnuPG 1.4.2.2

Don't see log in /var/log

striker Posted July 11, 2006

> Neat tool
> No GUI but I made launcher for program. Terminal shuts down at end of scan. But I can see problems before it does. If I see problems I can always re-run in terminal proper.
> found some hidden files outside /home
> /dev/.static/dev/./dev/.initramfs/dev/.udev/dev/.initramfs-tools /etc/.pwd.lock/etc/.java
> and one unknown GnuPG 1.4.2.2
> Don't see log in /var/log

Frank, Try this:

rkhunter -c --createlogfile --nocolors

This checks the system, performs all tests, creates a logfile in /var/log/rkhunter.log, and doesn't use colors for the output (some terminals don't like colors or extended layout characters).

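Added example (not from the thread and not part of rkhunter): a small shell function that triages a saved copy of the on-screen output in the layout quoted above, so a run whose terminal closed or scrolled past the summary can still be checked. The function names, the constructed sample run, and saving the output with tee are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not part of rkhunter. Triage a saved copy of the on-screen
# output, e.g.:  rkhunter -c --createlogfile | tee /root/rkhunter-run.txt
# (the path is a placeholder). Assumes the layout quoted in this thread.

# Print the three summary counters and every "[ Warning" line.
# Returns 0 if clean, 1 if something needs a look, 2 if no summary was found
# (for example, the scan was interrupted before the "Scan results" block).
rkh_triage() {
    esc=$(printf '\033')
    # Strip ANSI colour codes so matching also works without --nocolors.
    sed "s/${esc}\[[0-9;]*m//g" "$1" | awk '
        /Incorrect MD5 checksums:/ { md5 = $NF; seen++ }
        /Possible infected files:/ { inf = $NF; seen++ }
        /Vulnerable applications:/ { vul = $NF; seen++ }
        /\[ Warning/               { warn[++n] = $0 }
        END {
            if (seen < 3) { print "summary=incomplete"; exit 2 }
            printf "md5_mismatch=%d\ninfected=%d\nvulnerable=%d\nwarnings=%d\n",
                   md5, inf, vul, n
            for (i = 1; i <= n; i++) print "warning: " warn[i]
            exit ((md5 + inf + vul + n > 0) ? 1 : 0)
        }'
}

# Constructed sample run (coloured warning included on purpose).
rkh_sample() {
    printf 'Checking for allowed protocols... [ \033[31mWarning (SSH v1 allowed)\033[0m ]\n'
    printf '%s\n' \
        '---------------------------- Scan results ----------------------------' \
        'MD5' 'MD5 compared: 56' 'Incorrect MD5 checksums: 0' \
        'File scan' 'Scanned files: 342' 'Possible infected files: 0' \
        'Application scan' 'Vulnerable applications: 0' \
        'Scanning took 130 seconds'
}

# Run against a file when one is given on the command line.
if [ "$#" -gt 0 ]; then rkh_triage "$1"; fi
```

A non-zero exit status makes the function usable from a scheduled job that only reports when a counter is above zero or a warning line is present.
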
Frank Golden Posted July 11, 2006

> Frank, Try this:
> rkhunter -c --createlogfile --nocolors
> This checks the system, performs all tests, creates a logfile in /var/log/rkhunter.log, and doesn't use colors for the output (some terminals don't like colors or extended layout characters).

Thanks Striker worked charm. Didn't need --nocolors, terminal has no problem colors etc.

Urmas Posted July 11, 2006

> found some hidden files outside /home
> /dev/.static/dev/./dev/.initramfs/dev/.udev/dev/.initramfs-tools /etc/.pwd.lock/etc/.java
> and one unknown GnuPG 1.4.2.2
> Don't see log in /var/log

About the underlined stuff:
http://www.ubuntuforums.org/showthread.php...hlight=rkhunter

Frank Golden Posted July 11, 2006

> About the underlined stuff:
> http://www.ubuntuforums.org/showthread.php...hlight=rkhunter

Thanks Urmas, Didn't think there was a problem. I run a tight ship so to speak, would have been very surprised if rkhunter had found any real problems.