LinuxQuestions.org

Rootkit Hunter 1.3.8 release

Posted 11-16-2010 at 07:48 PM by unSpawn

The Rootkit Hunter project team is pleased to announce the release of Rootkit Hunter 1.3.8.

The change log lists 24 bug fixes, 29 changes and 18 new items. Naming a few:

* Whitelist rootkit strings (RTKT_FILE_WHITELIST).
* Whitelist items not always present (EXISTWHITELIST).
* Whitelist combined pathname and port number (PORT_WHITELIST).
* Added Whirlpool and Ripemd160 hashes to file properties check.
* Support for DragonFly...

Rootkit Hunter 1.3.8 release imminent...

Posted 10-31-2010 at 10:40 AM by unSpawn

It's time again for another release. But before we can, I need you to test it in the coming two weeks. Please spare us a few minutes if you care. After testing, please reply so we get an idea of how many people tested this release.

Here is a short checklist:
1) Does RKH install correctly?
2) Does 'rkhunter -C' show rkhunter.conf is OK? (Re-run after making changes.)
3) Does '--update' work?
4) Does '--versioncheck' work?
5) Does '--propupd' pick up...

Rsyslog-4.6.3 .spec

Posted 07-28-2010 at 11:59 PM by unSpawn

Rsyslog is a Syslog replacement. Centos5U5 provides rsyslog-3.22.1-3.el5.i386 but the development branch is at 5.5.6 and the stable release is 4.6.3. Here's a .spec file that will build 4.6.3-1 (this wasn't derived from the 3.22.1 .src.rpm .spec so YMMV(VM) as usual):

Code:
%define debug_packages	%{nil}
%define debug_package %{nil}
%define name rsyslog
%define ver 4.6.3
%define rel 1

Name: %{name}
Summary: Enhanced system logging
...
Attached Files
File Type: txt init.rsyslog.txt (2.5 KB, 5 views)

Denyhosts vs Fail2ban aka tcp_wrappers vs iptables

Posted 07-22-2010 at 03:58 AM by unSpawn

At times denyhosts is recommended over fail2ban, the common misconception being that these applications are equal. They're not, in more than one way, but focusing on the method of filtering: denyhosts uses tcp_wrappers by default, where Fail2ban uses iptables by default.

Using tcp_wrappers means a packet has to be delivered to that service. The serving application is responsible for reading /etc/hosts.{deny,allow} to determine for itself whether a connection is allowed or not. Requiring a network...

FUSE LoggedFS .spec

Posted 06-13-2010 at 06:50 AM by unSpawn

LoggedFS is a FUSE-based filesystem which can log every operation that happens in it. See example output in the "auditd missing syscalls?" thread.

Code:
%define debug_packages	%{nil}
%define debug_package %{nil}
%define name loggedfs
%define ver 0.5
%define rel 1
%define _prefix /usr/local
%define _sysconfdir /usr/local/etc
%define _docdir /usr/local/share/doc
%define _mandir /usr/local/share/man
%define _bindir /usr/local/bin
...
All times are GMT -5. The time now is 07:50 PM.
