[Rkhunter-users] Some questions after upgrade

2007-10-23 Thread Arthur Dent
Hello folks, I have a small home network which I am fairly sure (thanks largely to RKHunter) is not actually compromised in any way. I recently upgraded to 1.3.0 and, having done so, decided to give it a good run by turning on pretty much all of the tests to see what would happen. This has

Re: [Rkhunter-users] Some questions after upgrade

2007-10-23 Thread Arthur Dent
On Tue, Oct 23, 2007 at 05:16:08PM +0100, John Horne wrote: Hmmm... Funny - got your reply but my original mail never showed up at my end... On Tue, 2007-10-23 at 15:57 +0100, Arthur Dent wrote: I'm assuming you are running something like 'rkhunter --versioncheck' on its own in cron

Re: [Rkhunter-users] Some questions after upgrade

2007-10-23 Thread Arthur Dent
On Tue, Oct 23, 2007 at 10:30:59PM +0100, John Horne wrote: I presume I need to add the argument --nocolors to the versioncheck line? Yes, but add it to the '--update' line as well. Alternatively, you can combine it all in one: rkhunter --versioncheck --update --cronjob

Re: [Rkhunter-users] Some questions after upgrade

2007-10-24 Thread Arthur Dent
Well I'm beginning to make real progress here. My aim is to have a completely clean sheet with RKH running as many tests as possible. So far, point no. 1 (strange characters in cron output) has been cleared up nicely with the use of the --nocolors option. Thanks. Point no. 2 (deleted files).

[Rkhunter-users] F8 and syslog.conf

2008-01-05 Thread Arthur Dent
Hello all, I have recently upgraded my Fedora box from FC6 to F8. I did not simply copy across my rkhunter.conf file, but gradually re-introduced the configurations step-by-step to see what would need to be changed. I have now eliminated all the errors and warnings except one: Warning: The

Re: [Rkhunter-users] F8 and syslog.conf

2008-01-06 Thread Arthur Dent
On Sat, Jan 05, 2008 at 06:09:33PM -0600, David Gibbs wrote: Arthur Dent wrote: Will RKH reflect this change? There's a statement in the rkh config file where you can specify the syslog.conf file. It's an easy change to make it 'rsyslog.conf'. Yes. If you look at my original post you'll see

[Rkhunter-users] Update Failed

2008-03-30 Thread Arthur Dent
Hello All, I got this message this morning after my daily RKH run: Checking rkhunter data files... Checking file mirrors.dat [ No update] Checking file programs_bad.dat[ No update] Checking file backdoorports.dat

[Rkhunter-users] Hidden files in Fedora 11

2009-08-15 Thread Arthur Dent
Hello all, I have just upgraded from F9 to F11 and using the same RKH version as I had on F9 (1.3.4) I now get the following warnings. Warning: The following processes are using deleted files: Process: /usr/libexec/mysqld PID: 1651 File: /tmp/ib7hmLbP Process: /bin/mailx

Re: [Rkhunter-users] Can't whitelist deleted files + Package manager verification

2010-12-02 Thread Arthur Dent
On Thu, 2010-12-02 at 14:36 +, John Horne wrote: On Thu, 2010-12-02 at 14:05 +, Arthur Dent wrote: Hello all, I just upgraded from 1.3.6 to 1.3.8 on my Fedora 13 system, and on each RKH run I get the following warning: Warning: The following processes are using deleted

[Rkhunter-users] rkhunter has been replaced and is not a script...

2011-06-01 Thread Arthur Dent
Hello All, I have just upgraded from Fedora 13 to F15 and have implemented the same version of RKH as I was running on the old F13 machine a few days ago. On running RKH I get: Warning: The command '/usr/local/bin/rkhunter' has been replaced and is not a script: /usr/local/bin/rkhunter: POSIX

Re: [Rkhunter-users] rkhunter has been replaced and is not a script...

2011-06-02 Thread Arthur Dent
On Wed, 2011-06-01 at 15:26 -0600, Kevin Fenzi wrote: On Wed, 01 Jun 2011 22:16:03 +0100 John Horne john.ho...@plymouth.ac.uk wrote: On Wed, 2011-06-01 at 21:37 +0100, Arthur Dent wrote: Hello All, I have just upgraded from Fedora 13 to F15 and have implemented the same version

[Rkhunter-users] hsperfdata

2011-07-20 Thread Arthur Dent
Hello All, I have a couple of Java applications running on this machine. A bit of googling has shown me that when they run they create a file called hsperfdata_{USER}/{NUMBER} which apparently helps with performance somehow. The location of this file is (again, apparently) hard-coded as /tmp/.

Re: [Rkhunter-users] hsperfdata

2011-07-20 Thread Arthur Dent
On Wed, 2011-07-20 at 11:51 +0100, John Horne wrote: On Wed, 2011-07-20 at 11:37 +0100, Arthur Dent wrote: Hello All, I have a couple of Java applications running on this machine. A bit of googling has shown me that when they run they create a file called hsperfdata_{USER}/{NUMBER

[Rkhunter-users] RKH Ignoring .conf.local?

2011-07-30 Thread Arthur Dent
I know you are probably going to (gently) remind me that this is probably an issue for the Fedora list, but following Kevin Fenzi's reply to my previous thread, in which he said that the latest updates were shortly about to go into the Fedora stable repository, I decided to do a yum update.

Re: [Rkhunter-users] RKH Ignoring .conf.local?

2011-08-01 Thread Arthur Dent
On Mon, 2011-08-01 at 11:46 +0100, John Horne wrote: On Sat, 2011-07-30 at 14:12 +0100, Arthur Dent wrote: I know you are probably going to (gently) remind me that this is probably an issue for the Fedora list, No, it's on topic for this list :-) Have I messed something up

Re: [Rkhunter-users] RKH Ignoring .conf.local?

2011-08-01 Thread Arthur Dent
On Mon, 2011-08-01 at 12:23 +0100, Arthur Dent wrote: On Mon, 2011-08-01 at 11:46 +0100, John Horne wrote: On Sat, 2011-07-30 at 14:12 +0100, Arthur Dent wrote: I know you are probably going to (gently) remind me that this is probably an issue for the Fedora list, No, it's on topic

Re: [Rkhunter-users] RKH Ignoring .conf.local?

2011-08-01 Thread Arthur Dent
On Mon, 2011-08-01 at 20:53 +0100, John Horne wrote: On Sat, 2011-07-30 at 14:12 +0100, Arthur Dent wrote: I know you are probably going to (gently) remind me that this is probably an issue for the Fedora list, but following Kevin Fenzi's reply to my previous thread, in which he said

Re: [Rkhunter-users] RKH Ignoring .conf.local?

2011-08-02 Thread Arthur Dent
On Tue, 2011-08-02 at 00:46 +0100, Arthur Dent wrote: OK - Thanks John, that works. Ooops. Spoke too soon From this morning's run: -- Start Rootkit Hunter Scan -- Warning: The following processes are using deleted files: Process: /bin/bash

Re: [Rkhunter-users] RKH Ignoring .conf.local?

2011-08-02 Thread Arthur Dent
On Tue, 2011-08-02 at 10:51 +0100, John Horne wrote: Yeah, I noticed that yesterday, I'm not convinced that wildcarding works with that option. It is something that I need to look at. For the moment all I can suggest is either remove the wildcarding so that you just whitelist bash and gawk