Re: [Rkhunter-users] rkhunter 1.3.6 / Red Hat Fedora

[Duane Loftus]

On Thu, 2010-05-27 at 15:33 +0100, John Horne wrote:
> On Thu, 2010-05-27 at 07:06 -0700, Duane Loftus wrote:
> >
> > I went into rkhunter.conf and commented out the line:
> > 
> > #BINDIR="/bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin 
> > /usr/libexec /usr
> > /local/libexec"
> > 
> Why?
> 
> > But I am still getting the "symbolic link: /etc/rc.local" response.  
> > 
> You will do (although BINDIR has absolutely nothing to do with it).
> 
> > 
> > Unfortunately, I messed around with rkhunter.conf before reading your
> > advice to do a rkhunter.conf.local.  Should I do another reinstall?
> > 
> Yes, probably best. Using the installer program run './installer.sh
> --remove' first, to remove the old RKH installation. Then reinstall
> ('./installer.sh --install'). Then leave the /etc/rkhunter.conf file
> alone - completely.
 *SNIP*

Yea!  I'm getting good at installing and reinstalling rkhunter!  Per
your instructions, I created a rkhunter.conf.local file and I'm NOT
TOUCHING the original.

Now, we can move on to actually using rkhunter.  The first scan produced
a number of warnings.  Practically ALL of the "properties checks"
produced a warning (see below).  Is this a configuration error?


[08:36:46] Performing file properties checks
[08:36:46] Info: Starting test name 'properties'
[08:36:46] Checking for prerequisites                        [ OK ]
[08:36:47] /bin/awk                                          [ OK ]
[08:36:50] /bin/basename                                     [ Warning ]
[08:36:50] Warning: Package manager verification has failed:
[08:36:50]          File: /bin/basename
[08:36:50]          The file modification time has changed
[08:36:51] /bin/bash                                         [ Warning ]
[08:36:51] Warning: Package manager verification has failed:
[08:36:51]          File: /bin/bash
[08:36:51]          The file modification time has changed
[08:36:52] /bin/cat                                          [ Warning ]
[08:36:52] Warning: Package manager verification has failed:
[08:36:52]          File: /bin/cat
[08:36:52]          The file modification time has changed
[08:36:53] /bin/chmod                                        [ Warning ]
[08:36:53] Warning: Package manager verification has failed:
[08:36:53]          File: /bin/chmod
[08:36:53]          The file modification time has changed
[08:36:54] /bin/chown                                        [ Warning ]




------------------------------------------------------------------------------

_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users