LinuxQuestions.org
Uncategorized Entries with no category

Rootkit Hunter alternative for suspscan

Posted 07-25-2011 at 06:16 PM by unSpawn

I've been mulling (yes, mulling) replacements for RKH's suspscan for a while now. Suspscan was an experiment to see if there could be a more generic, less name-based way of finding malware. The resultant monstrosity is resource-intensive, impossible to configure and rarely used. Researching something else (as usual) I came across this rather good presentation (PDF) about creating one's own AV signatures: Writing ClamAV Signatures and not long after that I found R-fx Networks' Linux Malware Detect....

Mypaint-0.5.0 .spec

Posted 01-05-2011 at 07:41 AM by unSpawn

Mypaint is an open-source graphics application for use with a tablet. It kind of looks like Fractal Design Painter must have looked at alpha 0.1 stage. Nonetheless worth a try building a package. Here's a spec built, tested and installed on Centos 5.5 Intel. Note it doesn't build for x86_64 as I have none:
Code:
%define debug_packages  %{nil}
%define debug_package %{nil}
%define name mypaint
%define ver 0.5.0
%define rel 1
Name: %{name}
Summary:
...

Rootkit Hunter 1.3.8 release

Posted 11-16-2010 at 07:48 PM by unSpawn

The Rootkit Hunter project team is pleased to announce the release of Rootkit Hunter 1.3.8.

The change log lists 24 bug fixes, 29 changes and 18 new items. Naming a few:

* Whitelist rootkit strings (RTKT_FILE_WHITELIST).
* Whitelist items not always present (EXISTWHITELIST).
* Whitelist combined pathname and port number (PORT_WHITELIST).
* Added Whirlpool and Ripemd160 hashes to file properties check.
* Support for DragonFly...

Rootkit Hunter 1.3.8 release imminent...

Posted 10-31-2010 at 10:40 AM by unSpawn

It's time again for another release. But before we can, I need you to test it in the coming two weeks. Please spare us a few minutes if you care. After testing please reply so we get an idea of how many people tested this release.

Here is a short checklist:
1) Does RKH install correctly?
2) Does 'rkhunter -C' show rkhunter.conf is OK? (Re-run after making changes.)
3) Does '--update' work?
4) Does '--versioncheck' work?
5) Does '--propupd' pick up...

Rsyslog-4.6.3 .spec

Posted 07-28-2010 at 11:59 PM by unSpawn

Rsyslog is a Syslog replacement. Centos5U5 provides rsyslog-3.22.1-3.el5.i386 but the development branch is at 5.5.6 and the stable release is 4.6.3. Here's a .spec file that will build 4.6.3-1 (this wasn't derived from the 3.22.1 .src.rpm .spec so YMMV(VM) as usual):

Code:
%define debug_packages	%{nil}
%define debug_package %{nil}
%define name rsyslog
%define ver 4.6.3
%define rel 1

Name: %{name}
Summary: Enhanced system logging
...
Attached Files
File Type: txt init.rsyslog.txt (2.5 KB, 5 views)

All times are GMT -5.