[Rkhunter-users] Warning: Root account SHELLNAME shell history file is a symbolic link: FILENAME (fwd)

2014-12-30 Thread G.W. Haywood
Hi there, This message appears when I run rkhunter on one of my mail servers: Warning: Root account SHELLNAME shell history file is a symbolic link: FILENAME On this particular machine I do indeed have a symlink pointing to a (bash) history file, but it is not called 'FILENAME' and the account

Re: [Rkhunter-users] Warning: Root account SHELLNAME shell history file is a symbolic link: FILENAME (fwd)

2014-12-30 Thread G.W. Haywood
Hi there, On Tue, 30 Dec 2014, John Horne wrote: On Tue, 2014-12-30 at 17:08 +, G.W. Haywood wrote: ... This message appears when I run rkhunter on one of my mail servers: Warning: Root account SHELLNAME shell history file is a symbolic link: FILENAME ... I can't reproduce

Re: [Rkhunter-users] The suspscan temporary directory is not writable: /dev/shm

2015-05-15 Thread G.W. Haywood
Hi there, On Fri, 15 May 2015, LANCE HOLLAND wrote: I've started getting the above message every time I run rkhunter on all my servers on ubuntu 14.04. I don't understand it as /dev/shm points to /run/shm which appears to be writeable. lrwxrwxrwx 1 root root 8 Dec 21 15:35 shm -

Re: [Rkhunter-users] A funny issue with emails sent to root@localhost

2015-04-04 Thread G.W. Haywood
Hi there, On Fri, 3 Apr 2015, Martin Cigorraga wrote: Yesterday I received a call from the security staff at my workplace regarding an email the network administrators had received delivered from my home IP and sent to root@localhost ... After thinking about this issue, which left me totally

Re: [Rkhunter-users] rkhunter.dat File Not Populated Correctly on Solaris 10 Platform

2015-07-28 Thread G.W. Haywood
Hi there, On Tue, 28 Jul 2015, Skirpan Jr, Stephen J Jr CTR DISA PEO-C2C (US) wrote: Installed RKHunter 1.4.2 on four Solaris 10 test systems. ... After running the -check command [on one of the systems], every system file was flagged with either one of the following warnings: Warning: No

Re: [Rkhunter-users] 15 suspect files.

2016-04-21 Thread G.W. Haywood
Hi there, On Thu, 21 Apr 2016, William wrote: > I just finished the weekly Fedora-23 patches and scans. The rkhunter > scan warned on 15 files: > ... > Is this a real problem or a false alarm? Almost certainly not a real problem. There will be release notes for the Fedora update, you might

Re: [Rkhunter-users] Warning suspscan

2016-04-15 Thread G.W. Haywood
Hi there, On Fri, 15 Apr 2016, Andrea Boccaccio wrote: > I enclose the log of the following command "rkhunter --sk -c --enable > suspscan --debug". It looks like some build of kernel or kernel modules failed, leaving temporary files which would otherwise have been deleted. I doubt that there

Re: [Rkhunter-users] SSH PermitRootLogin forced-commands-only

2016-07-23 Thread G.W. Haywood
Hello again, On Sat, 23 Jul 2016, Protected wrote: > ... Could it be a vim issue then? ... Unlikely, vim knows all about line endings. But you can use it to insert control characters like '\r' if you really try. :/ >> A utility such as 'fromdos' will fix it easily. > ... I'd rather not tinker

Re: [Rkhunter-users] (No Subject)

2016-09-19 Thread G.W. Haywood
Hi there, On Mon, 19 Sep 2016, Faederwulf wrote: > I would like to know if there is a cause for alarm in any of the following: > Warning: The command '/usr/bin/lwp-request' has been replaced by a script: > /usr/bin/lwp-request: a /usr/bin/perl -w script, ASCII text executable Did you update

Re: [Rkhunter-users] Rkhunter & squid 3

2016-09-19 Thread G.W. Haywood
Hi there, On Mon, 19 Sep 2016, Andrea Boccaccio wrote: >> As check I run "rkhunter --check --enable all --disable none --rwo", >> sometimes it gives me some warnings about some possible rootkit ... Have you looked at the FAQ? -- 73, Ged.

Re: [Rkhunter-users] Configuration tips?

2017-06-06 Thread G.W. Haywood
Hi there, On Tue, 6 Jun 2017, Sivabs via Rkhunter-users wrote: I run RK on several servers (>50). After every update/upgrade ... it is a lot of work :) Have you looked at configuration management systems?