LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   RKHunter Output Question (http://www.linuxquestions.org/questions/linux-security-4/rkhunter-output-question-685618/)

cedricd 11-23-2008 05:24 PM

RKHunter Output Question
 
Quote:

[23:14:17] Checking kernel module commands [ Warning ]
[23:14:17] Warning: No output found from the lsmod command or the /proc/modules file:
[23:14:17] /proc/modules output:
[23:14:18] lsmod output:
Is there anyway to fix/bypass this check?

Sysinfo:
Quote:

Kernel Version 2.6.16.29-11774_1 (SMP)
Distro Name Ubuntu 8.04.1
Uptime 55 days 21 hours 12 minutes
Current Users 1
Load Averages 0.01 0.15 0.11 0%
RAM: 256.16 MB
Disk: 18.98 GB

[This is a VPS machine]

{BBI}Nexus{BBI} 11-23-2008 10:37 PM

Check the options available with
Code:

man rkhunter

unSpawn 11-24-2008 05:30 PM

Quote:

Originally Posted by cedricd (Post 3352175)
Is there anyway to fix/bypass this check?

RKH allows you to disable some tests from the CLI using --disable or in rkhunter.conf with DISABLE_TESTS. The one you're looking for is called "loaded_modules".

cedricd 11-25-2008 12:43 AM

Quote:

Originally Posted by unSpawn (Post 3353260)
RKH allows you to disable some tests from the CLI using --disable or in rkhunter.conf with DISABLE_TESTS. The one you're looking for is called "loaded_modules".

Unknown disable test name given: loaded_modules

Had a look over the main list, didn't see anything, or may just have missed it.

Quote:

Available test names:
additional_rkts all apps attributes deleted_files filesystem
group_accounts group_changes hashes hidden_procs immutable known_rkts
local_host malware network none os_specific other_malware
packet_cap_apps passwd_changes ports possible_rkt_files possible_rkt_strings possible_rkts
promisc properties rootkits running_procs scripts shared_libs
shared_libs_path startup_files startup_malware strings suspscan system_commands
system_configs trojans

unSpawn 11-25-2008 12:09 PM

Heh, that's sposed to be the "os_specific" checks, sorry.


All times are GMT -5. The time now is 09:05 AM.