LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-10-2010, 07:35 PM   #1
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Rep: Reputation: 30
was rkhunter updated recently?


My daily rkhunter scan has stopped working, was it updated in the repo recently?

I now had a few listed errors - do these look normal?

Code:
[root@server ~]# rkhunter --cronjob --rwo
Warning: Checking for prerequisites               [ Warning ]
         The file of stored file properties (rkhunter.dat) does not exist, and should be created. To do this type in 'rkhunter --propupd'.
Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
         is used, all the files on their system are known to be genuine, and installed from a
         reliable source. The rkhunter '--check' option will compare the current file properties
         against previously stored values, and report if any values differ. However, rkhunter
         cannot determine what has caused the change, that is for the user to do.
Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: Bourne shell script text executable
Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne shell script text executable
Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: Bourne shell script text executable
Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable

Warning: Hidden directory found: /dev/.udev
Warning: Hidden file found: /usr/share/man/man1/..1.gz: gzip compressed data, from Unix, max compression
Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
Warning: Application 'httpd', version '2.2.3', is out of date, and possibly a security risk.
Warning: Application 'named', version '9.3.6-P1', is out of date, and possibly a security risk.
Warning: Application 'openssl', version '0.9.8e', is out of date, and possibly a security risk.
Warning: Application 'php', version '5.1.6', is out of date, and possibly a security risk.
Warning: Application 'sshd', version '4.3p2', is out of date, and possibly a security risk.

Last edited by qwertyjjj; 06-10-2010 at 07:37 PM.
 
Old 06-10-2010, 07:57 PM   #2
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,823

Rep: Reputation: 611Reputation: 611Reputation: 611Reputation: 611Reputation: 611Reputation: 611
What repo? CentOS' like your profile says?

Even if it was - you'd have to update it yourself. Or, do you automatically update rhkunter's dat files?
 
Old 06-10-2010, 08:00 PM   #3
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by AlucardZero View Post
What repo? CentOS' like your profile says?

Even if it was - you'd have to update it yourself. Or, do you automatically update rhkunter's dat files?
Well, there is an auto script that runs through updating things every day, I think it updates from the repo nightly.
 
Old 06-10-2010, 09:15 PM   #4
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,823

Rep: Reputation: 611Reputation: 611Reputation: 611Reputation: 611Reputation: 611Reputation: 611
Automatic patching.. *shudder*

Have you run rkhunter --propupd?

All those old versions are normal for RHEL 5, and are patched without bumping the version number, so not really a risk there. The "replaced by a script"s are probably normal; open them up and take a look.
 
Old 06-11-2010, 09:40 AM   #5
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by AlucardZero View Post
Automatic patching.. *shudder*

Have you run rkhunter --propupd?

All those old versions are normal for RHEL 5, and are patched without bumping the version number, so not really a risk there. The "replaced by a script"s are probably normal; open them up and take a look.
auto patching bad idea?
Don't centos test their releases beforehand?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What did you drink recently. Mr-Bisquit General 28 03-27-2010 08:59 AM
What did you eat recently? smeezekitty General 100 03-14-2010 10:56 PM
I've never seen one of these, except recently. joeBuffer General 5 08-16-2009 10:13 PM
I have recently begun with Linux $Linuxnoob Red Hat 14 04-08-2006 08:02 AM
Recently converted synapse Slackware 1 02-12-2004 07:11 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:16 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration