LinuxQuestions.org


Golgo13 01-16-2008 01:13 PM

Rkhunter Assistance ..
 
Hi, my name is Ben. I'm new here. I have a server that we're using RKhunter on. It seems to work fine. I am just concerned with the daily run... the run will say [BAD] for "Testing Running Processes". I know this means it's not running the test. How can I fix this issue, if anyone out there knows?
I am running Red Hat 4.1.1-1 with Rootkit Hunter 1.2.8.
Any ideas will be great!
Thanks
Ben

unSpawn 01-16-2008 05:13 PM

The oldest still supported RKH version is 1.2.9.
We've released 1.3.0 some time ago.
Please upgrade.

mahmoud 01-17-2008 10:21 AM

What happens with rkhunter is that when there is an update on your system, it recognizes it as a change and notifies you that there has been a change to a file. It doesn't know it was an update by you; it just knows there was a change.
So what you can do is:
rkhunter --propupd
Then run it again to check if the warning still comes up; then you know you have a problem.
Also check the log files and see what the error is.

Golgo13 01-17-2008 02:29 PM

Thanks for the replies. Just to ensure the forum knows where I'm coming from, here's how it looks:
* Suspicious files and malware
Scanning for known rootkit strings [ OK ]
Scanning for known rootkit files [ OK ]
Testing running processes... [ BAD ]
Miscellaneous Login backdoors [ OK ]
Miscellaneous directories [ OK ]
Software related files [ OK ]
Sniffer logs [ OK ]

You'll notice the "Testing Running Processes..." says [BAD].
I will try these other tips. Any more tips out there?
Thanks!
Ben

unSpawn 01-17-2008 03:35 PM

I can't even *remember* what 1.2.8 output looked like. Detailed account (debug mode aka 'sh -x') output might help.


All times are GMT -5.