On 13 May 2026 at 0:20, John Horne wrote: Subject: Re: rkhunter? From: John Horne <[email protected]> To: Community support for Fedora users <[email protected]> Date sent: Wed, 13 May 2026 00:20:21 +0100 Send reply to: Community support for Fedora users <[email protected]>
> On Wed, 2026-05-13 at 08:17 +1000, Michael D. Setzer II via users wrote: > > > > On 12 May 2026 at 22:47, John Horne wrote: > > Subject: Re: rkhunter? > > From: John Horne <[email protected]> > > To: Community support for Fedora users > > <[email protected]> > > Date sent: Tue, 12 May 2026 22:47:43 +0100 > > Send reply to: Community support for Fedora users > > <[email protected]> > > > On Tue, 2026-05-12 at 06:33 +0200, Marco Moock wrote: > > > > Am 12.05.26 um 05:03 schrieb Robert Moskowitz via users: > > > > > > > > > Warning: The command '/usr/bin/egrep' has been replaced by a script: > > > > > +/usr/bin/egrep: a /usr/bin/sh script, ASCII text executable > > > > This has been done to reduce the amount of work, as commands like fgrep > > > > or egrep are just "short" for grep -E grep -F. > > > > > > > You could use rkhunter version 1.4.7 on Sourceforge. It dates from 2022, > > > and includes fixes for egrep/grep/awk/sed commands. > > > > > > When the project changed hands this is the version that should have been > > > made available (probably as version 1.4.8), not the basic version 1.4.6 > > > found on sourceforge. > > > > I can find no 1.4.7 or 1.4.8? Only the 1.46. > > Downloaded it and compared rkhunger file it has to the one fedora 43 > > installs. > > > There is no 1.4.8 version, I merely suggested that any release of the > sourceforge development version (1.4.7) by the developer(s) may have wanted to > release it as 1.4.8. > > 1.4.7 can be found at: > https://sourceforge.net/p/rkhunter/rkh_code/ci/develop/tree/files/ > > There is a link in the page to get a git clone of the code or to download a > snapshot. Note listed as a file to download, but moved to git. did the git clone and found this information. Latest being 2018-02-24, Mentions 1.4.6?? git log --pretty=format:"<%h> %cd [%an] %s" --date=short | more <016a779> 2018-02-24 [John Horne] Update rpm spec file for version 1.4.6. <ab16d78> 2018-02-24 [John Horne] Correct if statement operator for portability. <abb6df6> 2018-02-19 [John Horne] Update to version 1.4.6 <aafa5af> 2018-02-11 [John Horne] Check for System.map file is no other kernel symbol file can be found. <0f6a489> 2018-02-11 [John Horne] Update copyright year. <73c824d> 2018-02-05 [John Horne] Small rewording in language file for kernel symbol messages. <85df184> 2018-01-22 [John Horne] Added SUSPSCAN_WHITELIST config option. <358728a> 2018-01-20 [John Horne] Added tests for OSX proton backdoor. <b055519> 2018-01-20 [John Horne] Added basic tests for Mokes backdoor. <06f49e6> 2018-01-20 [John Horne] Add basic test of OSX eleanor running processes. <57d0faa> 2018-01-20 [John Horne] Added test for OSX keydnap backdoor. <5bbcecc> 2018-01-20 [John Horne] For the running_procs test only check for OSX files on OSX systems. <cab1dae> 2018-01-20 [John Horne] Added check for OSX keranger process (ransomware). <4147d74> 2018-01-20 [John Horne] Added Komplex trojan test. <85aa368> 2018-01-18 [John Horne] Added basic test for Jynx2 rootkit. <6f7fd55> 2018-01-18 [John Horne] Trivial comment change. <2649532> 2018-01-18 [John Horne] Moved part of module code to the actual test. <0cc521c> 2018-01-17 [John Horne] Added test for the Ebury sshd backdoor. Also added new test for suspicious SSH config options. <98867dc> 2018-01-17 [John Horne] Remove references to CVS from the README file. <4aab49c> 2018-01-17 [John Horne] Removed references to CVS in the FAQ file. Also updated URL of latest version. <2280e4b> 2018-01-17 [John Horne] Removed references to CVS (no longer used). <e05b0cb> 2018-01-17 [John Horne] Cater for simple filenames in the shared_libs test. <89d854c> 2018-01-16 [John Horne] Added SKIP_INODE_CHECK config option (mainly for btrfs etc). <9eef4de> 2018-01-16 [John Horne] Some malware checks were not being recorded in the summary rootkit count. <847a134> 2018-01-15 [John Horne] User disabled tests do not need to be logged if verbose logging disabled. <ed1f23f> 2018-01-15 [John Horne] Get latest version number from top-level of website - not in sub-directory. The code now agrees with the d ocumentation. <51f4fe2> 2018-01-15 [John Horne] Don't display some info msgs from suspscan test when verbose logging disabled. <cdf7caf> 2018-01-15 [John Horne] Remove more info messages when verbose logging disabled. This is for the ports and apps tests. <9a54d12> 2018-01-14 [John Horne] Disabling verbose logging could hide some warning messages. Reworked some of the verbose logging such that results of minor file checks etc are no longer shown if verbose logging is disabled. Added log messages if the missing/empty log files opti ons are not set, but the test is run. (Previously it just said not found.) --More-- > > > > John. > -- > _______________________________________________ > users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/[email protected] > Do not reply to spam, report it: > https://forge.fedoraproject.org/infra/tickets/issues/new +------------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor (Retired) mailto:[email protected] mailto:[email protected] mailto:[email protected] Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +------------------------------------------------------------+ -- _______________________________________________ users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
