Re: [Rkhunter-users] 2 brief questions please
Oh I'm terrribly sorry!! I just now saw that indeed rkhunter had logged the update to that .de language file. It shows it as having been updated on Jan 8 and then Jan 9 is when it came to my attention. I don't know how I missed that before; sorry to have troubled you with my questions! And yes, on ubuntu studio 12.10 --update and --versioncheck both seem to be done via a weekly cron job. Thanks again, and very best to everybody, Sam On Mon, Jan 13, 2014, at 18:24, John Horne wrote: > If you installed rkhunter as a package (e.g. as an RPM file or via > 'yum'), then it is possible that the packager included a cron job which > will run 'rkhunter --update' for you every so often. > > > > John. > > On 13/01/14 13:32, Sam Ashley wrote: > > Hi John, > > > > Thanks for your note. I'm afraid I didn't phrase my original question > > very well; sorry for that. What had me confused was that I had not > > recently done any software updates!, and so had not done > > > > /usr/bin/rkhunter --update > > > > but I don't think I made that at all clear in my email, sorry. (I did > > read the man page, but since I (believed I) hadn't initiated a software > > update I was confused; now I'm doubly confused because I'm wondering if > > there was a delay between an update and when I got the news... never > > mind) > > > > I was asking to the mailing list because I was wondering if rkhunter > > logs things like updates to the language files, with time stamps. > > > > At any rate thanks again for a very nice program!! > > > > Best, > > Sam > > > > > > On Sat, Jan 11, 2014, at 21:29, John Horne wrote: > >> On Fri, 2014-01-10 at 15:18 +0100, Sam Ashley wrote: > >>> Yesterday I got a warning that the > >>> hash for this was showing a change: > >>> > >>> /var/lib/rkhunter/db/i18n/de [ Warning ] > >>> > >> Yes, the German language file was recently changed. > >> > >>> /usr/bin/rkhunter --update > >>> > >> This doesn't do a software update, it updates the rkhunter data files, > >> including the language files! That is why your German file was updated. > >> Suggest you read the rkhunter man page to see how it works. > >> > >> > >> > >> John. > >> > >> -- > >> > >> John Horne Tel: +44 (0)1752 587287 > >> Plymouth University, UK Fax: +44 (0)1752 587001 > >> > >> > >> -- > >> CenturyLink Cloud: The Leader in Enterprise Cloud Services. > >> Learn Why More Businesses Are Choosing CenturyLink Cloud For > >> Critical Workloads, Development Environments & Everything In Between. > >> Get a Quote or Start a Free Trial Today. > >> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk > >> ___ > >> Rkhunter-users mailing list > >> Rkhunter-users@lists.sourceforge.net > >> https://lists.sourceforge.net/lists/listinfo/rkhunter-users > > > -- > CenturyLink Cloud: The Leader in Enterprise Cloud Services. > Learn Why More Businesses Are Choosing CenturyLink Cloud For > Critical Workloads, Development Environments & Everything In Between. > Get a Quote or Start a Free Trial Today. > http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk > ___ > Rkhunter-users mailing list > Rkhunter-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/rkhunter-users -- http://www.fastmail.fm - Access your email from home and the web -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] 2 brief questions please
On 2014-01-13 12:24 PM, John Horne wrote: > If you installed rkhunter as a package (e.g. as an RPM file or via > 'yum'), then it is possible that the packager included a cron job which > will run 'rkhunter --update' for you every so often. On gentoo it defaults to running with every nightly cron job... -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] 2 brief questions please
If you installed rkhunter as a package (e.g. as an RPM file or via 'yum'), then it is possible that the packager included a cron job which will run 'rkhunter --update' for you every so often. John. On 13/01/14 13:32, Sam Ashley wrote: > Hi John, > > Thanks for your note. I'm afraid I didn't phrase my original question > very well; sorry for that. What had me confused was that I had not > recently done any software updates!, and so had not done > > /usr/bin/rkhunter --update > > but I don't think I made that at all clear in my email, sorry. (I did > read the man page, but since I (believed I) hadn't initiated a software > update I was confused; now I'm doubly confused because I'm wondering if > there was a delay between an update and when I got the news... never > mind) > > I was asking to the mailing list because I was wondering if rkhunter > logs things like updates to the language files, with time stamps. > > At any rate thanks again for a very nice program!! > > Best, > Sam > > > On Sat, Jan 11, 2014, at 21:29, John Horne wrote: >> On Fri, 2014-01-10 at 15:18 +0100, Sam Ashley wrote: >>> Yesterday I got a warning that the >>> hash for this was showing a change: >>> >>> /var/lib/rkhunter/db/i18n/de [ Warning ] >>> >> Yes, the German language file was recently changed. >> >>> /usr/bin/rkhunter --update >>> >> This doesn't do a software update, it updates the rkhunter data files, >> including the language files! That is why your German file was updated. >> Suggest you read the rkhunter man page to see how it works. >> >> >> >> John. >> >> -- >> >> John Horne Tel: +44 (0)1752 587287 >> Plymouth University, UK Fax: +44 (0)1752 587001 >> >> >> -- >> CenturyLink Cloud: The Leader in Enterprise Cloud Services. >> Learn Why More Businesses Are Choosing CenturyLink Cloud For >> Critical Workloads, Development Environments & Everything In Between. >> Get a Quote or Start a Free Trial Today. >> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk >> ___ >> Rkhunter-users mailing list >> Rkhunter-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/rkhunter-users -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] 2 brief questions please
Hi John, Thanks for your note. I'm afraid I didn't phrase my original question very well; sorry for that. What had me confused was that I had not recently done any software updates!, and so had not done /usr/bin/rkhunter --update but I don't think I made that at all clear in my email, sorry. (I did read the man page, but since I (believed I) hadn't initiated a software update I was confused; now I'm doubly confused because I'm wondering if there was a delay between an update and when I got the news... never mind) I was asking to the mailing list because I was wondering if rkhunter logs things like updates to the language files, with time stamps. At any rate thanks again for a very nice program!! Best, Sam On Sat, Jan 11, 2014, at 21:29, John Horne wrote: > On Fri, 2014-01-10 at 15:18 +0100, Sam Ashley wrote: > > Yesterday I got a warning that the > > hash for this was showing a change: > > > > /var/lib/rkhunter/db/i18n/de [ Warning ] > > > Yes, the German language file was recently changed. > > > /usr/bin/rkhunter --update > > > This doesn't do a software update, it updates the rkhunter data files, > including the language files! That is why your German file was updated. > Suggest you read the rkhunter man page to see how it works. > > > > John. > > -- > > John Horne Tel: +44 (0)1752 587287 > Plymouth University, UK Fax: +44 (0)1752 587001 > > > -- > CenturyLink Cloud: The Leader in Enterprise Cloud Services. > Learn Why More Businesses Are Choosing CenturyLink Cloud For > Critical Workloads, Development Environments & Everything In Between. > Get a Quote or Start a Free Trial Today. > http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk > ___ > Rkhunter-users mailing list > Rkhunter-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/rkhunter-users -- http://www.fastmail.fm - Or how I learned to stop worrying and love email again -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] 2 brief questions please
On Fri, 2014-01-10 at 15:18 +0100, Sam Ashley wrote: > Yesterday I got a warning that the > hash for this was showing a change: > > /var/lib/rkhunter/db/i18n/de [ Warning ] > Yes, the German language file was recently changed. > /usr/bin/rkhunter --update > This doesn't do a software update, it updates the rkhunter data files, including the language files! That is why your German file was updated. Suggest you read the rkhunter man page to see how it works. John. -- John Horne Tel: +44 (0)1752 587287 Plymouth University, UK Fax: +44 (0)1752 587001 -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
[Rkhunter-users] 2 brief questions please
Hi all, Rkhunter is being run every day on my laptop, and very smoothly. Instead of emailing me (which I didn't know how to configure) I have a small script that checks the rkhunter logs every day for certain strings, like for example "Warning". Yesterday I got a warning that the hash for this was showing a change: /var/lib/rkhunter/db/i18n/de [ Warning ] It seems odd to me because it looks like that is only the German version of messages that rkhunter displays. Also there were no other errors reported, and that was the only one of those files that was changed (there are 5 in all). My OS is in English btw. I'm asking here because I'm not sure how to go about investigating this; reading the rkhunter logs doesn't seem to offer any clues. Also I would like to ask your expert opinion about something which may be related. I wonder if I should I add: APT_AUTOGEN="yes" to /etc/default/rkhunter in order to to enable automatic database updates. (This is an ubuntu 12.10 system.) Instead I have been just manually doing: /usr/bin/rkhunter --versioncheck and /usr/bin/rkhunter --update every time I do a software update. Thanks a lot, Sam -- http://www.fastmail.fm - A no graphics, no pop-ups email service -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
