Installing an application correctly
After a few members gave me wise counsel I installed
Code:
rkhunter
Besides Xiphos this is the first application that I have installed and want to be sure I didn't wreck my new OS. Did I execute this correctly? And does this mean that there have been 130 rootkits discovered? (I certainly hope not!)
Code:
ztcoracat@mock:~$ su |
Code:
File updated: searched for 162 files, found 130 Alex Brinister |
After reading this post, I decided to give rkhunter a try.
Quote:
Quote:
From the man pages:
Quote:
After installing rkhunter, I immediately ran a check:
Code:
rkhunter -c
I then did an update:
Code:
rkhunter --update
I again ran a check with the same results prior to the update. I decided to do a properties update and then another check:
Code:
rkhunter --propupd && rkhunter -c
A look at the /var/log/rkhunter.log file showed that the propupd saved the checksum using a different HASH that was used for the commands. After running the check with the --pkgmgr option:
Code:
rkhunter -c --pkgmgr DPKG
And:
Code:
rkhunter --propupd --pkgmgr DPKG
Please read the manpages and log file very carefully before jumping to conclusions. For example, when I do a check, I get this in the summary:
Code:
Rootkit checks...
Code:
[00:49:10] Warning: Checking for possible rootkit strings [ Warning ]
The long and short of it all is that you must read the manpages and logfile before coming to any conclusions. After this I installed the unhide package and it's showing 3 hidden processes. Now I'll look into this. |
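A small helper for the advice in the post above to read the log before drawing conclusions. It is an added example, not part of any poster's message: the function names are hypothetical, the line shape is assumed from the single log line quoted in the post, and the sample log lines are constructed.

```sh
#!/bin/sh
# Added example (not from the thread): summarise the warnings in an rkhunter
# log so each one can be looked up before drawing conclusions.
# Assumed line shape, taken from the log line quoted in the post:
#   [HH:MM:SS] Warning: <message> [ Warning ]

# Print "count<TAB>message" for every distinct warning in log file $1,
# most frequent first.
rkh_warnings() {
    awk '
        /^\[[0-9:]+\] Warning: / {
            sub(/^\[[0-9:]+\] Warning: /, "")        # drop timestamp and tag
            sub(/[ \t]*\[ Warning \][ \t]*$/, "")    # drop trailing status column
            count[$0]++
        }
        END { for (m in count) printf "%d\t%s\n", count[m], m }
    ' "$1" | sort -rn
}

# Number of distinct warnings in log file $1.
rkh_warning_count() {
    rkh_warnings "$1" | wc -l | tr -d ' '
}

# Constructed sample log lines (not real rkhunter output).
rkh_sample_log() {
    cat <<'EOF'
[00:49:08] Info: Starting test name strings
[00:49:10] Warning: Checking for possible rootkit strings [ Warning ]
[00:49:12] Warning: The file properties have changed:
[00:51:30] Warning: Checking for possible rootkit strings [ Warning ]
[00:51:31] Info: End of constructed sample
EOF
}

# Demo on the constructed sample; on a real system pass the log path instead,
# e.g. rkh_warnings /var/log/rkhunter.log (run as root).
tmp=$(mktemp)
rkh_sample_log > "$tmp"
rkh_warnings "$tmp"
rm -f "$tmp"
```

A repeated warning shows up once with its count, which makes it easier to see which checks to look up in the manpage.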
Towheedm:
You asked why I reconfigured; I was only doing what a member posted and I followed his/her instructions in order to install this rkhunter. I was warned in advance prior to installing this application that it could produce a false positive to the ie:) Xzibit I was not aware of this properties update:
Code:
rkhunter --propupd && rkhunter -c
Code:
rkhunter -c
You are more skilled than I and I am still learning. I installed rkhunter because I again was given counsel to do so. I still have other packages I'd like to install that are not on my system.
Code:
Bastille, lynis, chkrootkit, tripwire, tiger, clamav,psad and others
I do not understand how to find other information within the man pages (I'm still learning). I appreciate you explaining things and am on my way to learn from the man pages as you have advised; Thank You:) |
Quote:
Code:
rkhunter --propupd && rkhunter -c
If you're using Squeeze, then use the propupd option together with the pkgmgr option:
Code:
rkhunter --propupd --pkgmgr DPKG
Quote:
The command man man gives you the manpages for the man command, which tells you how to use man. Most external apps will have a manpage. Entering man <command> brings up the man page for that command. For example:
Code:
man ls # Show the manpage for the ls command
Code:
SEE ALSO
Code:
man <n> <command> # Where <n> is the number in brackets
Code:
SEE ALSO
Code:
info coreutils 'ls invocation'
Quote:
|
Towheedm:
I understand now how properties update was made. The first 4 letters in properties and the up in the word update made sense when I read it. I often wondered how commands were written out and made. Thank you for showing me that by example. As far as the man pages I'm still a little confused. If I understand your example:
Code:
<man> <n> <command> # where <n> is the # in brackets
And by # please give me an example. I'm thinking something like this but I'm probably wrong:
Code:
man gimp update <2.6> ? |
Quote:
Quote:
Let's take a look at the manpages for the man command:
Code:
man man
Code:
man [section] page
Code:
DESCRIPTION
Now, there may be several pages for man in different sections. For example, there may be a manpage for man in section 1 and also one in section 7. So how do we display the specific page? That's where the [section] option comes in. If specified, it tells man in what section to look for the manpages we are interested in. Therefore, to display the manpages for man from section 7, we enter:
Code:
man 7 man
Now, if you go to the end of manpages for man from section 7, you will see:
Code:
SEE ALSO
Code:
man 1 groff
Code:
man 7 groff_man
Again, you should thoroughly read and understand the contents from:
Code:
man man |
The examples that you gave in code like
Code:
man 1 groff
In regard to how commands are made you said; "do not take it literally as some options may not necessarily be a true representation of their meaning." I needed that confirmation as well as I was taking that literally. Now I know better. I will thoroughly read the contents in the terminal for:
Code:
man man
I see now that the man pages are considered to be one's friend. |