Hi,
thanks for your replies. Here the settings of my rkhunter.conf: #> grep -v "^#" rkhunter.conf | grep . UPDATE_MIRRORS=1 MIRRORS_MODE=0 TMPDIR=/var/lib/rkhunter/tmp DBDIR=/var/lib/rkhunter/db SCRIPTDIR=/usr/share/rkhunter/scripts UPDATE_LANG="en" LOGFILE=/var/log/rkhunter.log USE_SYSLOG=authpriv.warning AUTO_X_DETECT=1 ALLOW_SSH_PROT_V1=2 ENABLE_TESTS=ALL DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps apps SCRIPTWHITELIST=/bin/egrep SCRIPTWHITELIST=/bin/fgrep SCRIPTWHITELIST=/bin/which SCRIPTWHITELIST=/usr/bin/ldd SCRIPTWHITELIST=/usr/sbin/adduser SCRIPTWHITELIST=/usr/bin/egrep SCRIPTWHITELIST=/usr/bin/fgrep SCRIPTWHITELIST=/usr/bin/which SCRIPTWHITELIST=/usr/bin/lwp-request ALLOWHIDDENDIR=/etc/.java ALLOWDEVFILE=/dev/shm/PostgreSQL.* WEB_CMD="" INSTALLDIR=/usr If I change the WEB_CMD to 'WEB_CMD=wget' the updates is still failing. I have also found another Debian 10 server which rkhunter V1.4.6. On that machine the update works fine! The configuration is the same (except some differences in the "ALLOW..." entries). The WEB_CMD entry is there set to: WEB_CMD="" If I look on this machine into the log file I see that the update URL is correct (within ".../1.4/..."): Info: Executing download command '/usr/bin/wget -q -O "/var/lib/rkhunter/tmp/rkhunter.upd.KLbWw6RrLe" http://rkhunter.sourceforge.net/1.4/programs_bad.dat 2>/dev/null' That's strange. Where is the difference to the machien on which the update fails? Best regards, Steffen
_______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
