rkhunter (continued)
FedoraForum.org - Fedora Support Forums and Community
  1. #1

    rkhunter (continued)

    Here's the newest message:

    [fedora@localhost ~]$ tar xvf rkhunter-1.2.9.tar
    tar: rkhunter-1.2.9.tar: Cannot open: No such file or directory
    tar: Error is not recoverable: exiting now
    [fedora@localhost ~]$ tar xvf rkhunter-1.2.9.tar
    tar: rkhunter-1.2.9.tar: Cannot open: No such file or directory
    tar: Error is not recoverable: exiting now
    [fedora@localhost ~]$ su -
    Password:
    [root@localhost ~]# tar xvf rkhunter-1.2.9.tar
    tar: rkhunter-1.2.9.tar: Cannot open: No such file or directory
    tar: Error is not recoverable: exiting now
    [root@localhost ~]#

    I am having much more patience, please forgive me. I do want to solve this issue, but it seems not possible despite many and varied attempts? I know when I downloaded it, it was a tar from sourceforge. I downloaded it into my fedora user file. But when I try to cd into it and unpack it, it won't work?

    Willing to learn something new - bigmac

    bigmac
    Last edited by bigmacbb63; 5th October 2007 at 01:58 PM. Reason: extra text

  2. #2
    JN4OldSchool is offline "Sean The Terrible" -- The forum(er) Vista® rep
    mac, when you go to root leave the dash out. This is screwing up your path. Just "su". Then, make sure the tar is in your user's /home. If it is somewhere else you will have to cd (change directory) to that location.

  3. #3
    leigh123linux Guest
    Try (since you last tried, they released a newer version):

    Code:
    su
    wget http://mesh.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.0.tar.gz
    tar xvf rkhunter-1.3.0.tar.gz
    cd rkhunter-1.3.0
    ./installer.sh  --layout /usr/local --install
    Last edited by leigh123linux; 16th October 2007 at 11:00 AM.

  4. #4
    What am I doing wrong? It's still not working?

    [robert@localhost ~]$ su
    Password:
    [root@localhost robert]# wget http://mesh.dl.sourceforge.net/sourc...r-1.3.0.tar.gz
    --15:44:31-- http://mesh.dl.sourceforge.net/sourc...r-1.3.0.tar.gz
    => `rkhunter-1.3.0.tar.gz'
    Resolving mesh.dl.sourceforge.net... 213.203.218.122
    Connecting to mesh.dl.sourceforge.net|213.203.218.122|:80... connected.
    HTTP request sent, awaiting response... 302 Found
    Location: http://prdownloads.sourceforge.net/r...ourceforge.net [following]
    --15:44:49-- http://prdownloads.sourceforge.net/r...ourceforge.net
    => `rkhunter-1.3.0.tar.gz?download&failedmirror=mesh.dl.sourceforge.net'
    Resolving prdownloads.sourceforge.net... 66.35.250.217
    Connecting to prdownloads.sourceforge.net|66.35.250.217|:80... connected.
    HTTP request sent, awaiting response... 301 Moved Permanently
    Location: http://downloads.sourceforge.net/rkh...ourceforge.net [following]
    --15:45:06-- http://downloads.sourceforge.net/rkh...ourceforge.net
    => `rkhunter-1.3.0.tar.gz?download&failedmirror=mesh.dl.sourceforge.net'
    Resolving downloads.sourceforge.net... 66.35.250.203
    Connecting to downloads.sourceforge.net|66.35.250.203|:80... connected.
    HTTP request sent, awaiting response... 301 Moved Permanently
    Location: http://sourceforge.net/projects/rkhu...0-tar-gz/files [following]
    --15:45:16-- http://sourceforge.net/projects/rkhu...0-tar-gz/files
    => `files'
    Resolving sourceforge.net... 66.35.250.203
    Connecting to sourceforge.net|66.35.250.203|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: unspecified [text/html]

    [ <=> ] 12,032 46.42K/s

    15:45:32 (46.35 KB/s) - `files' saved [12032]

    [root@localhost robert]# tar xvf rkhunter-1.3.0.tar.gz
    tar: rkhunter-1.3.0.tar.gz: Cannot open: No such file or directory
    tar: Error is not recoverable: exiting now
    [root@localhost robert]# cd rkhunter-1.3.0
    bash: cd: rkhunter-1.3.0: No such file or directory
    [root@localhost robert]#

    Thanks for your help -still very frustrated!!!

    bigmac

  5. #5
    Seve is offline Retired Community Manager
    Hello bigmac:
    Here is an rpm that you can download;
    to install:
    yum localinstall --nogpgcheck rkhunter-1.3.0-1.noarch.rpm
    http://rapidshare.com/files/62832983...oarch.rpm.html

    To start the app, from a terminal type
    su -

    rkhunter

    Seve
    Registered Linux User: #384977


  6. #6
    aleph is offline Banned (for/from) behaving just like everybody else!
    Quote Originally Posted by bigmacbb63

    [root@localhost robert]# tar xvf rkhunter-1.3.0.tar.gz
    tar: rkhunter-1.3.0.tar.gz: Cannot open: No such file or directory
    tar: Error is not recoverable: exiting now
    [root@localhost robert]# cd rkhunter-1.3.0
    bash: cd: rkhunter-1.3.0: No such file or directory
    [root@localhost robert]#

    Thanks for your help -still very frustrated!!!

    bigmac

    This should be:
    Code:
    tar zxvf rkhunter-1.3.0.tar.gz

  7. #7
    leigh123linux Guest
    Quote Originally Posted by aleph
    This should be:
    Code:
    tar zxvf rkhunter-1.3.0.tar.gz

    It works for me as is

    Code:
    [root@localhost ~]# wget http://mesh.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.0.tar.gz
    --10:56:04--  http://mesh.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.0.tar.gz
               => `rkhunter-1.3.0.tar.gz.1'
    Resolving mesh.dl.sourceforge.net... 213.203.218.122
    Connecting to mesh.dl.sourceforge.net|213.203.218.122|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 252,011 (246K) [application/x-tar]
    
    100%[====================================>] 252,011      554.17K/s             
    
    10:56:05 (553.63 KB/s) - `rkhunter-1.3.0.tar.gz.1' saved [252011/252011]
    
    [root@localhost ~]# tar xvf rkhunter-1.3.0.tar.gz
    rkhunter-1.3.0/
    rkhunter-1.3.0/files/
    rkhunter-1.3.0/files/contrib/
    rkhunter-1.3.0/files/contrib/README.txt
    rkhunter-1.3.0/files/contrib/rkhunter_remote_howto.txt
    rkhunter-1.3.0/files/contrib/run_rkhunter.sh
    rkhunter-1.3.0/files/ACKNOWLEDGMENTS
    rkhunter-1.3.0/files/CHANGELOG
    rkhunter-1.3.0/files/FAQ
    rkhunter-1.3.0/files/LICENSE
    rkhunter-1.3.0/files/README
    rkhunter-1.3.0/files/WISHLIST
    rkhunter-1.3.0/files/backdoorports.dat
    rkhunter-1.3.0/files/check_modules.pl
    rkhunter-1.3.0/files/check_port.pl
    rkhunter-1.3.0/files/check_update.sh
    rkhunter-1.3.0/files/defaulthashes.dat
    rkhunter-1.3.0/files/filehashmd5.pl
    rkhunter-1.3.0/files/filehashsha1.pl
    rkhunter-1.3.0/files/md5blacklist.dat
    rkhunter-1.3.0/files/mirrors.dat
    rkhunter-1.3.0/files/os.dat
    rkhunter-1.3.0/files/programs_bad.dat
    rkhunter-1.3.0/files/programs_good.dat
    rkhunter-1.3.0/files/readlink.sh
    rkhunter-1.3.0/files/rkhunter
    rkhunter-1.3.0/files/rkhunter.8
    rkhunter-1.3.0/files/rkhunter.conf
    rkhunter-1.3.0/files/rkhunter.spec
    rkhunter-1.3.0/files/showfiles.pl
    rkhunter-1.3.0/files/stat.pl
    rkhunter-1.3.0/files/suspscan.dat
    rkhunter-1.3.0/files/development/
    rkhunter-1.3.0/files/development/createfilehashes.pl
    rkhunter-1.3.0/files/development/createhashes.sh
    rkhunter-1.3.0/files/development/createhashesall.sh
    rkhunter-1.3.0/files/development/i18nchk
    rkhunter-1.3.0/files/development/osinformation.sh
    rkhunter-1.3.0/files/development/rpmhashes.sh
    rkhunter-1.3.0/files/development/rpmprelinkhashes.sh
    rkhunter-1.3.0/files/development/search_dead_sysmlinks.sh
    rkhunter-1.3.0/files/i18n/
    rkhunter-1.3.0/files/i18n/cn
    rkhunter-1.3.0/files/i18n/en
    rkhunter-1.3.0/files/testing/
    rkhunter-1.3.0/files/testing/rkhunter.conf
    rkhunter-1.3.0/files/testing/rootkitinfo.txt
    rkhunter-1.3.0/files/testing/stringscanner.sh
    rkhunter-1.3.0/files/tools/
    rkhunter-1.3.0/files/tools/README
    rkhunter-1.3.0/files/tools/update_client.sh
    rkhunter-1.3.0/files/tools/update_server.sh
    rkhunter-1.3.0/installer.sh
    [root@localhost ~]# cd rkhunter-1.3.0
    [root@localhost rkhunter-1.3.0]# ./installer.sh  --layout /usr/local --install
    
    Checking system for: 
     Rootkit Hunter installer files: found. OK
     Available file retrieval tools: 
        wget: found. OK
    Starting installation/update
    
    Checking PREFIX /usr/local: exists, and is writable. OK
    Checking installation directories:
     Directory /usr/local/share/doc/rkhunter-1.3.0: creating: OK.
     Directory /usr/local/share/man/man8: exists, and is writable. OK
     Directory /usr/local/etc: exists, and is writable. OK
     Directory /usr/local/bin: exists, and is writable. OK
     Directory /usr/local/lib64: exists, and is writable. OK
     Directory /var/lib: exists, and is writable. OK
     Directory /usr/local/lib64/rkhunter/scripts: creating: OK.
     Directory /var/lib/rkhunter/db: creating: OK.
     Directory /var/lib/rkhunter/tmp: creating: OK.
     Directory /var/lib/rkhunter/db/i18n: creating: OK.
     Installing check_modules.pl: OK.
     Installing check_update.sh: OK.
     Installing check_port.pl: OK.
     Installing filehashmd5.pl: OK.
     Installing filehashsha1.pl: OK.
     Installing showfiles.pl: OK.
     Installing stat.pl: OK.
     Installing readlink.sh: OK.
     Installing backdoorports.dat: OK.
     Installing mirrors.dat: OK.
     Installing os.dat: OK.
     Installing programs_bad.dat: OK.
     Installing programs_good.dat: OK.
     Installing defaulthashes.dat: OK.
     Installing md5blacklist.dat: OK.
     Installing suspscan.dat: OK.
     Installing rkhunter.8: OK.
     Installing ACKNOWLEDGMENTS: OK.
     Installing CHANGELOG: OK.
     Installing FAQ: OK.
     Installing LICENSE: OK.
     Installing README: OK.
     Installing WISHLIST: OK.
     Installing language support files: OK.
     Installing rkhunter: OK.
     Installing rkhunter.conf: OK.
    Installation finished.
    [root@localhost rkhunter-1.3.0]# rkhunter
    
    Usage: rkhunter {--check | --update | --propupd | --versioncheck |
                     --list [tests | languages | rootkits] |
                     --version | --help} [options]
    
    Current options are:
             --append-log                  Append to the logfile, do not overwrite
             --bindir <directory>...       Use the specified command directories
         -c, --check                       Check the local system
      --cs2, --color-set2                  Use the second color set for output
             --configfile <file>           Use the specified configuration file
             --cronjob                     Run as a cron job
                                           (implies -c, --sk and --nocolors options)
             --dbdir <directory>           Use the specified database directory
             --debug                       Debug mode
                                           (Do not use unless asked to do so)
             --disable <test>[,<test>...]  Disable specific tests
                                           (Default is to disable no tests)
             --display-logfile             Display the logfile at the end
             --enable  <test>[,<test>...]  Enable specific tests
                                           (Default is to enable all tests)
             --hash {MD5 | SHA1 | NONE |   Use the specified file hash function
                     <command>}            (Default is SHA1)
         -h, --help                        Display this help menu, then exit
     --lang, --language <language>         Specify the language to use
                                           (Default is English)
             --list [tests | languages |   List the available test names, languages,
                     rootkits]             or checked for rootkits, then exit
         -l, --logfile [file]              Write to a logfile
                                           (Default is /var/log/rkhunter.log)
             --noappend-log                Do not append to the logfile, overwrite it
             --nocolors                    Use black and white output
             --nolog                       Do not write to a logfile
    --nomow, --no-mail-on-warning          Do not send a message if warnings occur
       --ns, --nosummary                   Do not show the summary of check results
     --novl, --no-verbose-logging          No verbose logging
             --pkgmgr {RPM | DPKG | BSD |  Use the specified package manager to obtain or
                       NONE}               verify file hash values. (Default is NONE)
             --propupd                     Update the file properties database
         -q, --quiet                       Quiet mode (no output at all)
      --rwo, --report-warnings-only        Show only warning messages
         -r, --rootdir <directory>         Use the specified root directory
       --sk, --skip-keypress               Don't wait for a keypress after each test
             --summary                     Show the summary of system check results
                                           (This is the default)
             --syslog [facility.priority]  Log the check start and finish times to syslog
                                           (Default level is authpriv.notice)
             --tmpdir <directory>          Use the specified temporary directory
             --update                      Check for updates to database files
       --vl, --verbose-logging             Use verbose logging (on by default)
         -V, --version                     Display the version number, then exit
             --versioncheck                Check for latest version of program
         -x, --autox                       Automatically detect if X is in use
         -X, --no-autox                    Do not automatically detect if X is in use
    
    [root@localhost rkhunter-1.3.0]#
    Last edited by leigh123linux; 16th October 2007 at 11:09 AM.

  8. #8
    It still didn't work and I did exactly as you said?
    Is there any other way to install this?

    bigmac

  9. #9
    This is the latest; it won't work!

    [robert@localhost ~]$ su rkhunter
    su: user rkhunter does not exist
    [robert@localhost ~]$ su -
    Password:
    [root@localhost ~]# rkhunter
    -bash: rkhunter: command not found
    [root@localhost ~]#
    [root@localhost ~]# yum localinstall --nogpgcheck rkhunter-1.3.0-1.noarch.rpm
    Setting up Local Package Process
    Cannot open file: rkhunter-1.3.0-1.noarch.rpm. Skipping.
    Nothing to do
    [root@localhost ~]#

    What is going on?

  10. #10
    As you can see from the latest it still doesn't work and I am doing it correctly?

    [robert@localhost ~]$ su
    Password:
    [root@localhost robert]# [robert@localhost ~]$ su rkhunter
    bash: [robert@localhost: command not found
    [root@localhost robert]# su: user rkhunter does not exist
    bash: su:: command not found
    [root@localhost robert]# [robert@localhost ~]$ su -
    bash: [robert@localhost: command not found
    [root@localhost robert]# Password:
    bash: Password:: command not found
    [root@localhost robert]# [root@localhost ~]# rkhunter
    bash: [root@localhost: command not found
    [root@localhost robert]# -bash: rkhunter: command not found
    bash: -bash:: command not found
    [root@localhost robert]# [root@localhost ~]#
    bash: [root@localhost: command not found
    [root@localhost robert]# [root@localhost ~]# yum localinstall --nogpgcheck rkhunter-1.3.0-1.noarch.rpm
    bash: [root@localhost: command not found
    [root@localhost robert]# Setting up Local Package Process
    bash: Setting: command not found
    [root@localhost robert]# Cannot open file: rkhunter-1.3.0-1.noarch.rpm. Skipping.
    bash: Cannot: command not found
    [root@localhost robert]# Nothing to do
    bash: Nothing: command not found
    [root@localhost robert]# [root@localhost ~]#
    bash: [root@localhost: command not found
    [root@localhost robert]#

  11. #11
    leigh123linux Guest
    try

    Code:
    su -
    wget http://www.linux-ati-drivers.homecall.co.uk/rkhunter-1.3.0-1.noarch.rpm
    yum --nogpgcheck localinstall rkhunter-1.3.0-1.noarch.rpm
    rkhunter

  12. #12
    It worked, I can't believe it! Thank you so very much! This is wonderful.

    You guys here in the forum are so incredible. Thank you for your grace and mercy on me.
    I am a very impatient man and that is a terrible trait.

    Again - thank you,

    bigmac

  13. #13

    rkhunter warnings?

    Does anybody know how to fix this?

    Performing system configuration file checks
    Checking for SSH configuration file [ Found ]
    Checking if SSH root access is allowed [ Warning ]
    Checking if SSH protocol v1 is allowed [ Not allowed ]
    Checking for running syslog daemon [ Found ]
    Checking for syslog configuration file [ Warning ]

    Performing filesystem checks
    Checking /dev for suspicious file types [ Warning ]
    Checking for hidden files and directories [ Warning ]

    I would be so grateful for any help I could get.

    Thanks - bigmac

  14. #14
    HughA Guest

    Modifications to SSH

    Gudday,

    The change that rkhunter is looking for in SSH is as follows:

    current working directory = /etc/ssh
    ==========================================
    sdiff -sw80 sshd_config sshd_config.orig
    PermitRootLogin no <
    ==========================================

    As shown, the output is from 'sdiff', so the text on the left of the 'less than' sign has been added to /etc/ssh/sshd_config. Disabling remote root logins is more secure (that is, of course, assuming that sshd is running on your system, and that SSH is allowed in through your firewall).

    There are a few other handy SSH security tweaks, but making the above change will keep rkhunter happy. Don't forget to back up the original version of your configuration file before making any changes ;-)

    I'm not sure what rkhunter is looking for vis-a-vis syslog configuration.

    Regards,
    Hugh
    Last edited by HughA; 27th December 2007 at 12:45 PM.
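The `PermitRootLogin no` change described above can be checked without reading the file by eye. The following is an added example, not code from the thread or from rkhunter: it reports the global `PermitRootLogin` value in an sshd_config file, taking the first active occurrence and ignoring anything inside a `Match` block. The function names and the sample files are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): report the global PermitRootLogin
# setting that an sshd_config file contains.

# root_login_setting FILE
# Prints the value of the first active PermitRootLogin line that appears
# before any Match block, or "unset" when there is none (sshd then falls
# back to its compiled-in default).
root_login_setting() {
    awk '
        { sub(/^[ \t]+/, "") }                 # drop leading whitespace
        /^#/ || /^$/ { next }                  # comments and blank lines
        tolower($1) == "match" { exit }        # conditional section: stop
        {
            line = $0
            sub(/[ \t]*=[ \t]*/, " ", line)    # accept "Keyword=value" too
            split(line, a, /[ \t]+/)
            if (tolower(a[1]) == "permitrootlogin") {
                gsub(/"/, "", a[2])
                print a[2]; found = 1; exit
            }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# root_login_disabled FILE: succeeds only when the setting is exactly "no".
root_login_disabled() {
    [ "$(root_login_setting "$1")" = "no" ]
}

# Constructed demo: an untouched file with the directive commented out, and
# the edited file with the line from the sdiff output added.
demo_root_login() {
    local d f
    d=$(mktemp -d)
    printf '%s\n' '#PermitRootLogin yes' 'Protocol 2' > "$d/sshd_config.orig"
    printf '%s\n' '#PermitRootLogin yes' 'Protocol 2' 'PermitRootLogin no' > "$d/sshd_config"
    for f in sshd_config.orig sshd_config; do
        echo "$f: PermitRootLogin $(root_login_setting "$d/$f")"
    done
    rm -rf "$d"
}
demo_root_login
```

On a live system the argument would be `/etc/ssh/sshd_config`, and sshd has to be reloaded before an edit takes effect.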

  15. #15
    And now that it works you can set it to run automatically.
    To set up rkhunter as a cronjob, use cron. The manual is at
    [you@yourbox~]$ man cron
    [you@yourbox~]$ man crontab
    You can set it up to run monthly, daily, or hourly.
    I'd run rkhunter --update monthly and rkhunter --check daily, every 5 hours? No idea.
    Good Luck! Kurt
    Last edited by kurtdriver; 18th February 2009 at 06:00 PM.
