I work mostly on AIX servers. I can account for most of the differences
with whitelists and allows. I am however running into an issue with the
strings command test. It fails to find any of the test strings on AIX.
I end up with the following messages in the log file.
[12:23:54] Warning: Scanning for string /usr/sbin/ntpsx [ Warning ]
String not found in 'strings' command
[12:23:54] Warning: Scanning for string /usr/sbin/.../bkit-ava [ Warning ]
String not found in 'strings' command
[12:23:54] Warning: Scanning for string /usr/sbin/.../bkit-d [ Warning ]
String not found in 'strings' command
There are more I just figured you probably didn't need all of them.
I propose a change to the strings_check function.
On line 8603 I would like to see it changed From:
STRING_SEEN=`echo "${STRING}" | ${STRINGS_CMD} | grep "${STRINGNAME}" | tr
-d ' '`
To:
STRING_SEEN=`echo "${STRING}" | ${STRINGS_CMD} -a | grep "${STRINGNAME}" |
tr -d ' '`
Adding the -a argument works in both AIX and Linux. If that isn't
satisfactory there should be a check to see if its on aix and the command
should include the "-a" or "-" as an argument to the strings command.
Let me know your thoughts.
Thanks,
Josh
------------------------------------------------------------------------------
Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing
conversations that shape the rapidly evolving mobile landscape. Sign up now.
http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
