Re: [Rkhunter-users] Some questions after upgrade

2007-10-23 Thread John Horne
On Tue, 2007-10-23 at 23:15 +0100, Arthur Dent wrote: > On Tue, Oct 23, 2007 at 10:30:59PM +0100, John Horne wrote: > > > > > Also, the next official release will be version 1.3.2. The current CVS > > version is 1.3.1. There was an email about the version numbers a short > > while ago :-) > > O

Re: [Rkhunter-users] Some questions after upgrade

2007-10-23 Thread Arthur Dent
On Tue, Oct 23, 2007 at 10:30:59PM +0100, John Horne wrote: > > I presume I need to add the argument "--nocolors" to the versioncheck line? > > > Yes, but add it to the '--update' line as well. Alternatively, you can > combine it all in one: > > rkhunter --versioncheck --update --cronjob --repor

Re: [Rkhunter-users] Some questions after upgrade

2007-10-23 Thread John Horne
On Tue, 2007-10-23 at 21:10 +0100, Arthur Dent wrote: > > Well actually I run the script that I found years ago on the web (in the FAQ?) > It is as follows: > [EMAIL PROTECTED] ~]# cat scripts/rkhscript.sh > #!/bin/sh > ( > /usr/local/bin/rkhunter --versioncheck > /usr/local/bin/rkhunter --update

Re: [Rkhunter-users] Some questions after upgrade

2007-10-23 Thread Arthur Dent
On Tue, Oct 23, 2007 at 05:16:08PM +0100, John Horne wrote: Hmmm... Funny - got your reply but my original mail never showed up at my end... > On Tue, 2007-10-23 at 15:57 +0100, Arthur Dent wrote: > > > I'm assuming you are running something like 'rkhunter --versioncheck' on > its own in cron? In

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread Helmut Hullen
Hello, John, you (john.horne) wrote on 23.10.07: >> But when RKH can find the actual value of "PermitRootLogin": why >> does it need an entry in "/etc/rkhunter.conf"? > To see if the value has been changed. If a hacker changes your > "PermitRootLogin" to 'yes' in sshd_config, then you will pro

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread John Horne
On Tue, 2007-10-23 at 17:41 +0200, Avalon wrote: > > > >> Info: Starting test name 'possible_rkt_strings' > >> Warning: Checking for possible rootkit strings [ Warning ] > >> No system startup files found. > >> Okay, I have gotten a bit lost as to what isn't working. Does the above warning still

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread John Horne
On Tue, 2007-10-23 at 19:37 +0200, Helmut Hullen wrote: > Hello, John, > > you (john.horne) wrote on 23.10.07: > > >> since upgrading RKHunter to the current version 1.3.0 I got multiple > >> new warning messages on my FreeBSD box. > > > >> Warning: No local startup files found. > >> > >> ->

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread John Horne
On Tue, 2007-10-23 at 19:44 +0200, Helmut Hullen wrote: > Hello, John, > > you (john.horne) wrote on 23.10.07: > > >> This seems to be different under FreeBSD too. Both settings > >> "PermitRootLogin no" and "Protocol 2" are commented out in my > >> sshd_config, which is the default on FreeBSD.

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread Helmut Hullen
Hello, John, you (john.horne) wrote on 23.10.07: >> since upgrading RKHunter to the current version 1.3.0 I got multiple >> new warning messages on my FreeBSD box. >> Warning: No local startup files found. >> >> -> Why is this resulting in a warning if no local startup file was >> -> found? >

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread Helmut Hullen
Hello, Avalon, you (third-chance) wrote on 23.10.07: > Thank you, Helmut, for your fast reply. I must have been blind when I > was looking over the default config. I found the settings you > described and they worked well. Don't mention - I had searched for these errors some hours ago ... > T

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread Helmut Hullen
Hello, John, you (john.horne) wrote on 23.10.07: >> This seems to be different under FreeBSD too. Both settings >> "PermitRootLogin no" and "Protocol 2" are commented out in my >> sshd_config, which is the default on FreeBSD. Root-Login is >> definitely not permitted under FreeBSD out-of-the-bo

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread Avalon
Hi John, > I would suggest checking /etc/rc.conf to see if 'local_startup' has been > set, and then set LOCAL_RC_PATH in rkhunter.conf to that path. If it is > not set, then look in the above directories > (/usr/local/etc/rc.d, /usr/X11R6/etc/rc.d) to see if some local startup > script has been se

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread John Horne
On Tue, 2007-10-23 at 17:41 +0200, Avalon wrote: > > > >> Info: Starting test name 'possible_rkt_strings' > >> Warning: Checking for possible rootkit strings [ Warning ] > >> No system startup files found. > >> > >> -> Why is this resulting in a warning if no startup file was found? > >> > > The

Re: [Rkhunter-users] Some questions after upgrade

2007-10-23 Thread John Horne
On Tue, 2007-10-23 at 15:57 +0100, Arthur Dent wrote: > > This has produced a couple of > questions none of which are really serious - just curious: > > 1) I run RKH from a daily cron job and in the resulting mail output I get > these > strange characters that I don't get when I run it from the c

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread Avalon
Hi, thank you, Helmut, for your fast reply. I must have been blind when I was looking over the default config. I found the settings you described and they worked well. Also thank you, John, for the other details, but I have some more questions regarding these warnings: > Helmut Hullen has alr

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread John Horne
On Tue, 2007-10-23 at 13:02 +0200, Avalon wrote: > > since upgrading RKHunter to the current version 1.3.0 I got multiple new > warning messages on my FreeBSD box. I was able to get rid of many of > them by using whitelists etc. But for some of them I have no clue how > to suppress them. > Hel

[Rkhunter-users] Some questions after upgrade

2007-10-23 Thread Arthur Dent
Hello folks, I have a small home network which I am fairly sure (thanks largely to RKHunter) is not actually compromised in any way. I recently upgraded to 1.3.0 and, having done so, decided to give it a good run by turning on pretty much all of the tests to see what would happen. This has produc

Re: [Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread Helmut Hullen
Hello, Avalon, you (third-chance) wrote on 23.10.07: > Can anyone give me a hint how to suppress the following messages: > /usr/bin/whatis [ Warning ] > Warning: The command '/usr/bin/whatis' has been replaced by a script: > /usr/bin/whatis: Bourne shell script text executable Take "/etc/rk

[Rkhunter-users] Many new warnings on FreeBSD

2007-10-23 Thread Avalon
Hello, since upgrading RKHunter to the current version 1.3.0 I got multiple new warning messages on my FreeBSD box. I was able to get rid of many of them by using whitelists etc. But for some of them I have no clue how to suppress them. Can anyone give me a hint how to suppress the following