RKHunter on 16.04 ubuntu

miramarcos · 07-28-2016, 10:44 AM

have downloaded description from DigitalOcean community for commands to use it on ubuntu 12.04, can I use same commands on 16.04 ?
miramarcos

Habitual · 07-28-2016, 11:19 AM

miramarcos:

Are you referring to https://www.digitalocean.com/communi...-an-ubuntu-vps ?
Yes, the c-line stuff is mostly the same.
See also https://help.ubuntu.com/community/RKhunter

Habitual · 08-01-2016, 10:36 AM

miramarcos:
How's it going? Any progress?

miramarcos · 08-01-2016, 11:09 AM

hello,
haven't got time yet to install the program, but we think we'll need it to get working on our ubuntu 16.04. Suspect something strange that does need to get discovered and eliminated.
miramarcos

Habitual · 08-01-2016, 11:13 AM

The advice I gave earlier was too terse, and I am sorry about that.
For the installation, I wouldn't use those commands from that page.

And I have different instructions for 1.4.3, the latest.
(assuming root in terminal

Code:

cd /usr/src/
wget http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/?view=tar
mv index.html\?view\=tar rkhunter.tar.gz
tar zxf rkhunter.tar.gz
mv rkhunter rkhunter-1-4-3
cd  rkhunter-1-4-3
./installer.sh --install
rkhunter --update

This method of installation is not managed by the apt package manager and its maintenance is entirely up to you,
and I would remove the package manager version before installing using this method.

Holler if you need additional help.

Attached is my wiki page on my rkhunter notes for the Ubuntu environment.

miramarcos · 08-03-2016, 05:15 AM

Thanks for your help, I used Synaptic to get it installed. According to the terminal check I have the latest version. But now, do I have to configure it ?, inside the terminal I got many # and at the end line ^G ^etc. etc. How can I e.g. under 'set up mail notifications' put in my email address, or does the system have that being 'root'. also how to I create a 'whitelist known script files ? Have not read your attachment though.
regards
miramarcos

Habitual · 08-03-2016, 09:07 AM

Synaptic installed 1.4.3? Great!

I don't know what "in terminal I got many # and ^Gs" means
Did you open a file from a Windows computer on the Linux host and edit?
See first http://rkhunter.cvs.sourceforge.net/...nter/files/FAQ

miramarcos · 08-03-2016, 09:42 AM

No, not the latest, but 1.4.2 version, tried to get 1.4.3 with no avail, also the website you described in yr previous thread, still doesn't have this version to download.
miramarcos

Habitual · 08-03-2016, 10:03 AM

Quote:

Originally Posted by miramarcos

No, not the latest, but 1.4.2 version, tried to get 1.4.3 with no avail, also the website you described in yr previous thread, still doesn't have this version to download.
miramarcos

Did I say visit a website and install it?
Avail yourself of what the instructions said.

Code:

...
wget http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/?view=tar...

And don't use phonespeak. "Your" is spelled your, not "yr".

You're not answering my questions.

Good Luck. Someone else may feel up to it.

But if you want to stay with "what the repo installed.", I cannot argue.
New users should stick to repository-based software IMNSHO.

"The first run of 'rkhunter' after installation may give some warning messages" on a Xubuntu beta, clean install system.
I have no doubt that the edits necessary haven't changed too much from that.

https://help.ubuntu.com/community/RKhunter and the rkhunter.pdf I attached both discuss the edits necessary in /etc/rkhunter.conf.
/etc/rkhunter.conf is liberally commented.