On Thu, 2011-06-30 at 13:55 -0500, Anthony Dye wrote:
> Running rkhunter because I’ve definitely been hacked and I’m trying to
> clean up instead of re-imaging and starting over.
> 
>  
> 
> This is what happens on my first use:
> 
>  
> 
>   Performing additional rootkit checks
> 
>     Suckit Rookit additional checks                          [ OK ]
> 
>     Checking for possible rootkit files and directories      [ None
> found ]
> 
>     Checking for possible rootkit strings                    [ None
> found ]
> 
>  
> 
>   Performing malware checks
> 
>     Checking running processes for deleted files
> [ Warning ]
> 
>     Checking running processes for suspicious files          [ None
> found ]
> 
>     Checking for hidden processes
> [ Skipped ]
> 
>  
> 
>  
> 
> ---
> 
> At that point, it hangs and will not proceed. Any ideas what I can do
> to get rkhunter to complete?
> 
Hello,

The next test would be 'suspscan' - scanning for suspicious file
contents. Depending on your settings this can take a long time. I would
suggest disabling the test and then see if RKH finishes. If it does,
then you can test using just suspscan if you want (using the command
'rkhunter --enable suspscan').




John.

-- 
John Horne, University of Plymouth, UK
Tel: +44 (0)1752 587287    Fax: +44 (0)1752 587001


------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security 
threats, fraudulent activity, and more. Splunk takes this data and makes 
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users

Reply via email to