On Thu, 2011-06-30 at 13:55 -0500, Anthony Dye wrote: > Running rkhunter because I’ve definitely been hacked and I’m trying to > clean up instead of re-imaging and starting over. > > > > This is what happens on my first use: > > > > Performing additional rootkit checks > > Suckit Rookit additional checks [ OK ] > > Checking for possible rootkit files and directories [ None > found ] > > Checking for possible rootkit strings [ None > found ] > > > > Performing malware checks > > Checking running processes for deleted files > [ Warning ] > > Checking running processes for suspicious files [ None > found ] > > Checking for hidden processes > [ Skipped ] > > > > > > --- > > At that point, it hangs and will not proceed. Any ideas what I can do > to get rkhunter to complete? > Hello,
The next test would be 'suspscan' - scanning for suspicious file contents. Depending on your settings this can take a long time. I would suggest disabling the test and then see if RKH finishes. If it does, then you can test using just suspscan if you want (using the command 'rkhunter --enable suspscan'). John. -- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001 ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users