Re: rkhunter (root kit hunter) warning


Kevin Fenzi wrote:
> On Mon, 18 Aug 2008 11:54:05 -0700 (PDT)
> deanm@xxxxxxxxxxxxx ("Dean S. Messing") wrote:
> 
> > 
> > I just installed rkhunter on this F7 machine
> 
> Sadly, F7 is no longer supported... 
> 
> > and am using the default config file (probably
> > a mistake.)
> 
> Well, I maintain rkhunter, and some issues were found with the config,
> but only after F7 was end of lifed. I thus wasn't able to update it. ;( 
> 
> You could try rebuilding the F-9 src.rpm for F7. 
> 
> Also, make sure you run 'rkhunter -propupd' to update the properties. 

Thanks a lot Kevin!

Were the changes you mention made during F8? If so I might have more
success rebuilding and installing the latest F8 rpm (1.3.2-4.fc8, I
think).  In the past I've had problems trying to build new packages on
older systems due to changes in "rpm" and new package requirements
(dependency hell).

Do you know if not having the Properties DB would cause the
warning message I got:

   Please inspect this machine, because it may be infected.

I had not run "-propupd" because the F7 machine is several
months old and I could not guarantee what was required in the warning
on the man page:

      WARNING: It is the users responsibility to ensure that the files on
      the system are genuine and from a  reliable  source.  rkhunter  can
      only  report  if a file has changed, but not on what has caused the
      change. Hence, if a file has changed,  and  the  --propupd  command
      option is used, then rkhunter will assume that the file is genuine.

Dean

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
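
The man page warning quoted in the message above describes trust-on-update behaviour. The sketch below is an added example, not part of the original message and not rkhunter's code: it uses a constructed SHA-256 baseline as a stand-in for the properties database to show that a changed file is reported only until the baseline is refreshed. The function names, file names and database format are assumptions.

```shell
#!/bin/sh
# Toy stand-in for a file-properties database (NOT rkhunter's format or code).

# baseline_update DIR DB: record the current hashes as trusted.
# This plays the role of the "--propupd" step described in the man page.
baseline_update() {
    ( cd "$1" && find . -type f -exec sha256sum {} + ) > "$2"
}

# baseline_check DIR DB: print the files whose hash no longer matches the
# baseline and return 1 if there are any; return 0 when everything matches.
# DB must be an absolute path because the check runs inside DIR.
baseline_check() {
    bad=$(cd "$1" && sha256sum -c "$2" 2>/dev/null | grep -v ': OK$' || true)
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# demo: prints "<clean> <tampered> <after-rebaseline> <changed files>"
demo() {
    work=$(mktemp -d) || return 2
    mkdir "$work/bin"
    printf 'genuine ls\n' > "$work/bin/ls"      # constructed sample files
    printf 'genuine ps\n' > "$work/bin/ps"
    db="$work/props.db"

    baseline_update "$work/bin" "$db"            # baseline on a known-good tree
    clean=0; baseline_check "$work/bin" "$db" >/dev/null || clean=$?

    printf 'replaced ps\n' > "$work/bin/ps"      # unexplained change afterwards
    tampered=0
    changed=$(baseline_check "$work/bin" "$db") || tampered=$?

    baseline_update "$work/bin" "$db"            # refresh without verifying files
    after=0; baseline_check "$work/bin" "$db" >/dev/null || after=$?

    rm -rf "$work"
    echo "$clean $tampered $after $changed"
}

demo
```

The toy check only covers files already listed in the baseline; files added later are not reported.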