Thank you Florin,
When I set the mtu to 300, the wget was successful. I will pass this
information along to our network team.
Thanks!
Julie
From: Florin Popovici [mailto:florin.popov...@gmail.com]
Sent: Saturday, May 03, 2014 8:50 AM
To: Davenport, Julie
Cc: RkhunterList
Subject: Re: [Rkhunter-users] error on backdoorports.dat when using rkhunter
--update
Julie,
Your machine is probably affected by a network issue, and my guess is that it's
related to broken PMTU detection.
Confirming this is indeed the case should be easy: lower the MTU of the
[public] network interface to 300bytes, and retry the wget / curl command.
Lowering the MTU is easy:
1. type "ip link show dev eth0" (replace eth0 with your appropriate network
interface). The first line should have the "mtu" keyword somewhere, followed
by a number -- this is your actual MTU setting. You might want to make note of
it for future restoration
2. type "ip link set dev eth0 mtu 300"
3. re-type the first line, to confirm the mtu has indeed changed.
HTH
Florin
On Tue, Apr 29, 2014 at 1:27 AM, Davenport, Julie
<jdavenp...@ctcd.edu<mailto:jdavenp...@ctcd.edu>> wrote:
Thank you for your reply. Here are the results of your suggestions:
When I tried the first way:
/usr/bin/wget -q -O "/tmp/rkhunter.upd.cssTY17212"
http://rkhunter.sourceforge.net/1.3/backdoorports.dat
it just hung there and did nothing, so I terminated it.
When I tried it again without the -q it looked like it was trying, but kept
giving me this error:
2014-04-28 17:19:03 (0.00 B/s) - Read error at byte 0/1055 (Connection reset by
peer). Retrying.
so I terminated that as well (see screen shot attached).
It put a file in /tmp but it is empty:
[root@server tmp]# pwd
/tmp
[root@server tmp]# ls -l rk*
-rw-r--r-- 1 root root 0 Apr 28 17:18 rkhunter.upd.cssTY17212
[root@server tmp]#
Thx,
Julie
-----Original Message-----
From: John Horne
[mailto:john.ho...@plymouth.ac.uk<mailto:john.ho...@plymouth.ac.uk>]
Sent: Monday, April 28, 2014 5:05 PM
To: RkhunterList
Subject: Re: [Rkhunter-users] error on backdoorports.dat when using rkhunter
--update
On Mon, 2014-04-28 at 20:40 +0000, Davenport, Julie wrote:
>
> I did a complete uninstall of rkhunter, removed it completely from my
> server, downloaded the tar.gz file again from the website, and
> re-installed it. When I ran the update I got the same error I have
> been getting with backdoorports.dat ([ Update failed ]) and this in
> the /var/log/rkhunter.log:
>
> [14:25:51] Info: Executing download command '/usr/bin/wget -q -O
> "/var/lib/rkhunter/tmp/rkhunter.upd.cssTY17212"
> http://rkhunter.sourceforge.net/1.3/backdoorports.dat 2>/dev/null'
> [14:34:11] Warning: Download of 'backdoorports.dat' failed: Unable to
> determine the latest version number.
>
What happens when you run the command from the command line:
/usr/bin/wget -q -O "/tmp/rkhunter.upd.cssTY17212"
http://rkhunter.sourceforge.net/1.3/backdoorports.dat
This should download the file into /tmp. If it doesn't then run it again but
without the '-q' option.
Secondly, what does the downloaded file contain?
John.
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net<mailto:Rkhunter-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
------------------------------------------------------------------------------
Is your legacy SCM system holding you back? Join Perforce May 7 to find out:
• 3 signs your SCM is hindering your productivity
• Requirements for releasing software faster
• Expert tips and advice for migrating your SCM now
http://p.sf.net/sfu/perforce
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
