hi,
For the bad hashes run hashupd.sh availible here =>
http://sourceforge.net/project/showfiles.php?group_id=155034
cd /usr/local/src
wget http://ovh.dl.sourceforge.net/sourceforge/rkhunter/hashupd.sh
chmod 755 hashupd.sh
./hashupd.sh
cd /usr/local/bin
./rkhunter --createlogfile -c
stil bad hashes ?
regards,
:-)
----- Original Message -----
From: thirupathy k
To: [email protected]
Sent: Wednesday, May 30, 2007 4:18 PM
Subject: [Rkhunter-users] problem in hash for binary files in linux os
hi,
Dear all , am finding problem in rkhunter which was installed in my server
with fedora core and the rkhunter which was used in the linux server is the
latest version (1.2.9) . while the daily scripts are running from the server
states that a lot os bad checks while doing rkhunter checking. please see the
error message given below and help me to solve this issue.
more over i have updated the rkhunter databases with the following command
rkhunter --update
Error message
* System tools
Info: prelinked files found
Performing 'known good' check...
/bin/cat [ BAD ]
/bin/chmod [ BAD ]
/bin/chown [ BAD ]
/bin/date [ BAD ]
/bin/dmesg [ BAD ]
/bin/env [ BAD ]
/bin/grep [ OK ]
/bin/kill [ BAD ]
/bin/login [ BAD ]
/bin/ls [ BAD ]
/bin/more [ BAD ]
/bin/mount [ BAD ]
/bin/netstat [ OK ]
/bin/ps [ BAD ]
/bin/su [ BAD ]
/sbin/chkconfig [ OK ]
/sbin/depmod [ BAD ]
/sbin/ifconfig [ OK ]
/sbin/init [ OK ]
/sbin/insmod [ BAD ]
/sbin/ip [ BAD ]
/sbin/lsmod [ BAD ]
/sbin/modinfo [ BAD ]
/sbin/modprobe [ BAD ]
/sbin/rmmod [ BAD ]
/sbin/runlevel [ OK ]
/sbin/sysctl [ BAD ]
/sbin/syslogd [ OK ]
/sbin/sulogin [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/du [ BAD ]
/usr/bin/file [ BAD ]
/usr/bin/find [ OK ]
/usr/bin/head [ BAD ]
/usr/bin/killall [ BAD ]
/usr/bin/lsattr [ OK ]
/usr/bin/md5sum [ BAD ]
/usr/bin/passwd [ OK ]
/usr/bin/pstree [ BAD ]
/usr/bin/sha1sum [ BAD ]
/usr/bin/stat [ BAD ]
/usr/bin/strings [ BAD ]
/usr/bin/top [ BAD ]
/usr/bin/users [ BAD ]
/usr/bin/vmstat [ BAD ]
/usr/bin/w [ BAD ]
/usr/bin/watch [ BAD ]
/usr/bin/wc [ BAD ]
/usr/bin/wget [ OK ]
/usr/bin/whereis [ BAD ]
/usr/bin/who [ BAD ]
/usr/bin/whoami [ BAD ]
--------------------------------------------------------------------------------
Rootkit Hunter has found some bad or unknown hashes. This can happen due to
replaced
binaries or updated packages (which give other hashes). Be sure your hashes
are
up-to-date (rkhunter --update). If you're in doubt about these hashes, contact
us through the Rootkit Hunter mailinglist at
[email protected] .
--------------------------------------------------------------------------------
After running the command also gives the same result. Please help me to solve
this issue. Waiting for ur reply
--
Regards
K.Thirupathy
------------------------------------------------------------------------------
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
------------------------------------------------------------------------------
_______________________________________________
Rkhunter-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Rkhunter-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
