...making Linux just a little more fun!
J.Bakshi [j.bakshi at icmail.net]
Hello list,
Has anyone faced a problem with the latest rootkit hunter (1.3.4)? I have upgraded the rootkit hunter to 1.3.4 and after that it reports a huge warning. I don't know if the warnings really indicate any hole in my system or it is just the rootkit hunter itself which creates a false alarm. Below is the scan report. Any idea?
~~~~~~~~~~~~~~~~~~~~~~~~
[ Rootkit Hunter version 1.3.4 ]

Checking system commands...

  Performing 'strings' command checks
    Checking 'strings' command               [ OK ]

  Performing 'shared libraries' checks
    Checking for preloading variables        [ None found ]
    Checking for preload file                [ Not found ]
    Checking LD_LIBRARY_PATH variable        [ Not found ]

  Performing file properties checks
    Checking for prerequisites               [ OK ]
    /bin/awk                                 [ Warning ]
    /bin/basename                            [ Warning ]
    /bin/bash                                [ Warning ]
    /bin/cat                                 [ Warning ]
    /bin/chmod                               [ Warning ]
    /bin/chown                               [ Warning ]
    /bin/cp                                  [ Warning ]
    /bin/csh                                 [ Warning ]
    /bin/date                                [ Warning ]
    /bin/df                                  [ Warning ]
    /bin/dmesg                               [ Warning ]
    /bin/echo                                [ Warning ]
    /bin/egrep                               [ Warning ]
    /bin/fgrep                               [ Warning ]
    /bin/fuser                               [ Warning ]
    /bin/grep                                [ Warning ]
    /bin/ip                                  [ Warning ]
    /bin/kill                                [ Warning ]
    /bin/logger                              [ Warning ]
    /bin/login                               [ Warning ]
    /bin/ls                                  [ Warning ]
    /bin/lsmod                               [ Warning ]
    /bin/mail                                [ Warning ]
    /bin/mktemp                              [ Warning ]
    /bin/more                                [ Warning ]
    /bin/mount                               [ Warning ]
    /bin/mv                                  [ Warning ]
    /bin/netstat                             [ Warning ]
    /bin/ps                                  [ Warning ]
    /bin/pwd                                 [ Warning ]
    /bin/rpm                                 [ Warning ]
    /bin/sed                                 [ Warning ]
    /bin/sh                                  [ Warning ]
    /bin/sort                                [ Warning ]
    /bin/su                                  [ Warning ]
    /bin/touch                               [ Warning ]
    /bin/uname                               [ Warning ]
    /bin/gawk                                [ Warning ]
    /bin/tcsh                                [ Warning ]
    /usr/bin/awk                             [ Warning ]
    /usr/bin/basename                        [ Warning ]
    /usr/bin/chattr                          [ Warning ]
    /usr/bin/chroot                          [ Warning ]
    /usr/bin/csh                             [ Warning ]
    /usr/bin/curl                            [ Warning ]
    /usr/bin/cut                             [ Warning ]
    /usr/bin/diff                            [ Warning ]
    /usr/bin/dirname                         [ Warning ]
    /usr/bin/du                              [ Warning ]
    /usr/bin/egrep                           [ Warning ]
    /usr/bin/env                             [ Warning ]
    /usr/bin/fgrep                           [ Warning ]
    /usr/bin/file                            [ Warning ]
    /usr/bin/find                            [ Warning ]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
with regards
Predrag Ivanovic [predivan at nadlanu.com]
On Tue, 20 Jan 2009 20:24:28 +0530 J.Bakshi wrote:
> Hello list,
>
> Has anyone faced a problem with the latest rootkit hunter (1.3.4)? I have
> upgraded the rootkit hunter to 1.3.4 and after that it reports a huge
> warning. I don't know if the warnings really indicate any hole in my system
> or it is just the rootkit hunter itself which creates a false alarm. Below is
> the scan report. Any idea?
>
> ~~~~~~~~~~~~~~~~~~~~~~~~
> [ Rootkit Hunter version 1.3.4 ]

<snip lots of warnings>

Is this from /var/log/rkhunter.log, or did you copy/paste output from the console?

If you updated your $UNKNOWN_DISTRO, did you rebuild the hash database (iirc) that rkhunter uses to check against ('rkhunter --propupd')? (Maybe it's run as a cron job daily, but my crystal ball is a bit murky.)

Check the (rather extensive) wiki at http://rkhunter.wiki.sourceforge.net/MPRKH#Contents
Pedja
-- <malaclypse> The general rule on about people on IRC seems to be "Attractive, single, mentally stable: choose two" - bash.org
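
The reply above suggests the warnings come from a stored hash database that no longer matches the installed files. As an added illustration (not rkhunter's code and not part of the original thread), this shell model shows how such a baseline goes stale after an upgrade and clears once it is rebuilt; the function names, the database format and the sample files are assumptions constructed for the example.

```shell
#!/bin/sh
# Toy model of a file-properties baseline (added example, not rkhunter's code).
# baseline_update, baseline_check and the "hash  path" database format are
# assumptions made for this illustration.

# Record the current SHA-256 of each file: the role 'rkhunter --propupd' plays.
baseline_update() {
    db=$1; shift
    : > "$db"
    for f in "$@"; do
        printf '%s  %s\n' "$(sha256sum < "$f" | cut -d' ' -f1)" "$f" >> "$db"
    done
}

# Compare every recorded file with its stored hash. Prints one status line per
# file and returns 1 if any file is missing or differs, 0 otherwise.
baseline_check() {
    rc=0
    while read -r want path; do
        if [ -f "$path" ] && [ "$(sha256sum < "$path" | cut -d' ' -f1)" = "$want" ]; then
            printf '%-40s [ OK ]\n' "$path"
        else
            printf '%-40s [ Warning ]\n' "$path"
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Constructed walk-through: two stand-in "binaries" in a temporary directory.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'ls v1\n' > "$dir/ls"; printf 'ps v1\n' > "$dir/ps"
    baseline_update "$dir/db" "$dir/ls" "$dir/ps"
    echo "== baseline is fresh";             baseline_check "$dir/db" || true
    printf 'ls v2\n' > "$dir/ls"           # a package upgrade replaces the file
    echo "== after upgrade, stale baseline"; baseline_check "$dir/db" || true
    # On a real system, confirm the change is legitimate (package manager
    # verification) before this step; re-baselining blindly would also
    # accept a tampered binary.
    baseline_update "$dir/db" "$dir/ls" "$dir/ps"
    echo "== after re-baselining";           baseline_check "$dir/db" || true
    rm -rf "$dir"
}
demo
```

A wall of warnings covering every checked binary at once, right after an upgrade, is the pattern a stale baseline produces; a single unexpected change on an otherwise quiet system deserves a closer look before the database is rebuilt.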