RKHunter Output Question

cedricd · 11-23-2008, 06:24 PM

Quote:

[23:14:17] Checking kernel module commands [ Warning ]
[23:14:17] Warning: No output found from the lsmod command or the /proc/modules file:
[23:14:17] /proc/modules output:
[23:14:18] lsmod output:

Is there anyway to fix/bypass this check?

Sysinfo:

Quote:

Kernel Version 2.6.16.29-11774_1 (SMP)
Distro Name Ubuntu 8.04.1
Uptime 55 days 21 hours 12 minutes
Current Users 1
Load Averages 0.01 0.15 0.11 0%
RAM: 256.16 MB
Disk: 18.98 GB

[This is a VPS machine]

{BBI}Nexus{BBI} · 11-23-2008, 11:37 PM

Check the options available with

Code:

man rkhunter

unSpawn · 11-24-2008, 06:30 PM

Quote:

Originally Posted by cedricd

Is there anyway to fix/bypass this check?

RKH allows you to disable some tests from the CLI using --disable or in rkhunter.conf with DISABLE_TESTS. The one you're looking for is called "loaded_modules".

cedricd · 11-25-2008, 01:43 AM

Quote:

Originally Posted by unSpawn

RKH allows you to disable some tests from the CLI using --disable or in rkhunter.conf with DISABLE_TESTS. The one you're looking for is called "loaded_modules".

Unknown disable test name given: loaded_modules

Had a look over the main list, didn't see anything, or may just have missed it.

Quote:

Available test names:
additional_rkts all apps attributes deleted_files filesystem
group_accounts group_changes hashes hidden_procs immutable known_rkts
local_host malware network none os_specific other_malware
packet_cap_apps passwd_changes ports possible_rkt_files possible_rkt_strings possible_rkts
promisc properties rootkits running_procs scripts shared_libs
shared_libs_path startup_files startup_malware strings suspscan system_commands
system_configs trojans

unSpawn · 11-25-2008, 01:09 PM

Heh, that's sposed to be the "os_specific" checks, sorry.