On Tuesday July 31 2007 18:46, JOHN ADAMSON wrote: Just ran it again here's results as root: linuxruss:/home/username # /usr/local/bin/rkhunter --update [ Rootkit Hunter version 1.3.0 ]
Checking rkhunter data files... Checking file mirrors.dat [ No update ] Checking file programs_bad.dat [ No update ] Checking file backdoorports.dat [ No update ] Checking file suspscan.dat [ No update ] Checking file i18n/cn [ No update ] Checking file i18n/en [ No update ] This is on SUSE 10.2. > Hi, > > Long time listener fist time caller: love the show... > > Just tried the 1.3.0 on a new build (read should be clean) CentOS release > 4.5 (Final) box. With some errors. > > Tried (in sequence) > rkhunter --update > ./hashupd.sh (oops!) > rkhunter --propupd > > The final errors are listed below. Seem to be a combination of "replaced by > script" or "no hash". The scripts look legit. > > Happy to try suggestions. > > John. > > > [17:11:22] /bin/date [ Warning ] > [17:11:22] Warning: No hash value found for file '/bin/date' in the > rkhunter.dat file. [17:11:26] /bin/login > [ Warning ] [17:11:26] Warning: No hash value found for file > '/bin/login' in the rkhunter.dat file. [17:11:33] /bin/touch > [ Warning ] [17:11:33] Warning: No hash value found > for file '/bin/touch' in the rkhunter.dat file. [17:11:36] /usr/bin/diff > [ Warning ] [17:11:36] Warning: No hash > value found for file '/usr/bin/diff' in the rkhunter.dat file. [17:11:39] > /usr/bin/groups [ Warning ] [17:11:39] > Warning: The command '/usr/bin/groups' has been replaced by a script: > /usr/bin/groups: Bourne shell script text executable [17:11:41] > /usr/bin/ldd [ Warning ] [17:11:42] > Warning: The command '/usr/bin/ldd' has been replaced by a script: > /usr/bin/ldd: Bourne shell script text executable [17:11:44] > /usr/bin/newgrp [ Warning ] [17:11:44] > Warning: No hash value found for file '/usr/bin/newgrp' in the rkhunter.dat > file. [17:11:44] /usr/bin/passwd [ > Warning ] [17:11:45] Warning: No hash value found for file > '/usr/bin/passwd' in the rkhunter.dat file. [17:11:49] /usr/bin/tail > [ Warning ] [17:11:49] Warning: No hash value > found for file '/usr/bin/tail' in the rkhunter.dat file. [17:11:53] > /usr/bin/whatis [ Warning ] [17:11:53] > Warning: The command '/usr/bin/whatis' has been replaced by a script: > /usr/bin/whatis: Bourne shell script text executable [17:11:57] > /sbin/ifdown [ Warning ] [17:11:57] > Warning: The command '/sbin/ifdown' has been replaced by a script: > /sbin/ifdown: Bourne-Again shell script text executable [17:11:58] > /sbin/ifup [ Warning ] [17:11:58] > Warning: The command '/sbin/ifup' has been replaced by a script: > /sbin/ifup: Bourne-Again shell script text executable [17:12:07] > /usr/sbin/kudzu [ Warning ] [17:12:07] > Warning: No hash value found for file '/usr/sbin/kudzu' in the rkhunter.dat > file. -- Russ Linux register user 441463 ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
