LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-09-2004, 01:00 AM   #1
BajaNick
Senior Member
 
Registered: Jul 2003
Location: So. Cal.
Distribution: Slack 11
Posts: 1,737

Rep: Reputation: 46
Getting Warning during rkhunter?


I am getting this while running rkhunter. Is this anything to be worried about?

Check: Events and Logging
Search for syslog configuration... found
Checking for running syslog slave... [ Warning! ]
Info: Cannot find syslog/syslog-ng daemon
Checking for logging to remote system... [ OK (no remote logging) ]
 
Old 09-09-2004, 02:57 AM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Cannot find syslog/syslog-ng daemon
are you sure you have logging enabled??

=)
 
Old 09-09-2004, 09:49 PM   #3
BajaNick
Senior Member
 
Registered: Jul 2003
Location: So. Cal.
Distribution: Slack 11
Posts: 1,737

Original Poster
Rep: Reputation: 46
I have no idea. I may have disabled logging when i was screwing around with pkgtool. I will check it out, Thanks.
 
Old 09-09-2004, 11:18 PM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
you can check if syslogd is running with:

ps aux | grep syslogd
 
Old 09-10-2004, 11:20 PM   #5
BajaNick
Senior Member
 
Registered: Jul 2003
Location: So. Cal.
Distribution: Slack 11
Posts: 1,737

Original Poster
Rep: Reputation: 46
Thanks for that, Heres the output. I dont know what all this means.

319 0.0 0.0 1452 464 pts/0 S+ 09:19 0:00 grep syslogd
 
Old 09-10-2004, 11:26 PM   #6
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally posted by BajaNick
Thanks for that, Heres the output. I dont know what all this means.

319 0.0 0.0 1452 464 pts/0 S+ 09:19 0:00 grep syslogd
it means you aren't running syslogd...

the output you got is actually the grep itself.. you can eliminate grep itself from the output of the command like this:

ps aux | grep syslogd | grep -v grep

like that you shouldn't get any output until you have syslogd running...

go into pkgtool, setup, services, and enable "rc.syslog", then reboot... now run the above command again and you should see something like:

root 68 0.0 0.2 1404 592 ? Ss Sep09 0:00 /usr/sbin/syslogd

then run rkhunter again...

=)

Last edited by win32sux; 09-10-2004 at 11:28 PM.
 
Old 09-11-2004, 01:18 AM   #7
BajaNick
Senior Member
 
Registered: Jul 2003
Location: So. Cal.
Distribution: Slack 11
Posts: 1,737

Original Poster
Rep: Reputation: 46
Curiously, I do not have an option for syslog at all in the pkgtool menu after choosing which ones to run again.
Mabye this has something to do with having cups enabled but it not working, I have to start ./rc.cups manually when I want to print even though It is activated.
 
Old 09-11-2004, 02:10 AM   #8
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
hmmm... it sounds like the sysklogd package is not installed... check with:

ls /var/log/packages/ | grep sysklogd

if it's not, you can find it on your cd, or here:

ftp://ftp.slackware.com/pub/slackwar...4.1-i486-9.tgz
 
Old 09-12-2004, 08:34 PM   #9
BajaNick
Senior Member
 
Registered: Jul 2003
Location: So. Cal.
Distribution: Slack 11
Posts: 1,737

Original Poster
Rep: Reputation: 46
Thanks. When I get time I will install and play around with it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
rkhunter atlaika Linux - Security 7 11-29-2005 10:47 AM
rkhunter found the following monroetech Linux - Security 3 12-20-2004 08:51 PM
rkhunter phatbastard Linux - Security 3 12-08-2004 09:44 PM
Snort and rkhunter lord_zoo Linux - Security 5 11-28-2004 08:07 AM
rkhunter or chkrootkit? marlor Linux - Security 2 08-28-2004 08:26 AM


All times are GMT -5. The time now is 09:39 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration