Fedora Linux Support Community & Resources Center

  #1  
Old 5th October 2007, 01:56 PM
bigmacbb63 Offline
Registered User
 
Join Date: Feb 2006
Location: southern california
Posts: 521
rkhunter (continued)

Here's the newest message:

[fedora@localhost ~]$ tar xvf rkhunter-1.2.9.tar
tar: rkhunter-1.2.9.tar: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
[fedora@localhost ~]$ tar xvf rkhunter-1.2.9.tar
tar: rkhunter-1.2.9.tar: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
[fedora@localhost ~]$ su -
Password:
[root@localhost ~]# tar xvf rkhunter-1.2.9.tar
tar: rkhunter-1.2.9.tar: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
[root@localhost ~]#

I am having much more patience, please forgive me. I do want to solve this issue but it seems not possible despite many and varied attempts? I know when I downloaded it, it was a tar from SourceForge. I downloaded it into my fedora user file. But when I try to cd into it and unpack it, it won't work?

Willing to learn something new - bigmac

bigmac

Last edited by bigmacbb63; 5th October 2007 at 01:58 PM. Reason: extra text
Reply With Quote
  #2  
Old 5th October 2007, 02:04 PM
JN4OldSchool Offline
"Sean The Terrible" -- The forum(er) Vista® rep
 
Join Date: Nov 2005
Posts: 8,823
mac, when you go to root leave the dash out. This is screwing up your path. Just "su". Then, make sure the tar is in your user's /home. If it is somewhere else you will have to cd (change directory) to that location.
Reply With Quote
  #3  
Old 5th October 2007, 02:16 PM
leigh123linux
Guest
 
Posts: n/a
Try (since you last tried, they released a newer version):

Code:
su
wget http://mesh.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.0.tar.gz
tar xvf rkhunter-1.3.0.tar.gz
cd rkhunter-1.3.0
./installer.sh  --layout /usr/local --install

Last edited by leigh123linux; 16th October 2007 at 11:00 AM.
Reply With Quote
  #4  
Old 15th October 2007, 11:47 PM
bigmacbb63 Offline
Registered User
 
Join Date: Feb 2006
Location: southern california
Posts: 521
What am I doing wrong? It's still not working?

[robert@localhost ~]$ su
Password:
[root@localhost robert]# wget http://mesh.dl.sourceforge.net/sourc...r-1.3.0.tar.gz
--15:44:31-- http://mesh.dl.sourceforge.net/sourc...r-1.3.0.tar.gz
=> `rkhunter-1.3.0.tar.gz'
Resolving mesh.dl.sourceforge.net... 213.203.218.122
Connecting to mesh.dl.sourceforge.net|213.203.218.122|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: http://prdownloads.sourceforge.net/r...ourceforge.net [following]
--15:44:49-- http://prdownloads.sourceforge.net/r...ourceforge.net
=> `rkhunter-1.3.0.tar.gz?download&failedmirror=mesh.dl.sourceforge.net'
Resolving prdownloads.sourceforge.net... 66.35.250.217
Connecting to prdownloads.sourceforge.net|66.35.250.217|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://downloads.sourceforge.net/rkh...ourceforge.net [following]
--15:45:06-- http://downloads.sourceforge.net/rkh...ourceforge.net
=> `rkhunter-1.3.0.tar.gz?download&failedmirror=mesh.dl.sourceforge.net'
Resolving downloads.sourceforge.net... 66.35.250.203
Connecting to downloads.sourceforge.net|66.35.250.203|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://sourceforge.net/projects/rkhu...0-tar-gz/files [following]
--15:45:16-- http://sourceforge.net/projects/rkhu...0-tar-gz/files
=> `files'
Resolving sourceforge.net... 66.35.250.203
Connecting to sourceforge.net|66.35.250.203|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

[ <=> ] 12,032 46.42K/s

15:45:32 (46.35 KB/s) - `files' saved [12032]

[root@localhost robert]# tar xvf rkhunter-1.3.0.tar.gz
tar: rkhunter-1.3.0.tar.gz: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
[root@localhost robert]# cd rkhunter-1.3.0
bash: cd: rkhunter-1.3.0: No such file or directory
[root@localhost robert]#

Thanks for your help -still very frustrated!!!

bigmac
Reply With Quote
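
The wget transcript in the post above ends with a 12,032-byte `text/html` response saved as `files`, so no tarball reached the disk. As an added example (not part of the original thread), a shell pre-flight check that refuses to unpack a download unless it is gzip data, matches an expected SHA-256, and lists only relative member paths; the function names are assumptions, and the expected checksum is assumed to come from the project's release page.

```shell
#!/bin/bash
# Added example: pre-flight checks before unpacking a downloaded tarball.

# is_gzip FILE: true only if FILE starts with the gzip magic bytes 1f 8b.
is_gzip() {
    [ -f "$1" ] || return 1
    magic=$(head -c 2 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "1f8b" ]
}

# safe_member_paths FILE: true only if the archive lists at least one member
# and no member path is absolute or contains a ".." component.
safe_member_paths() {
    tar -tzf "$1" 2>/dev/null | awk -F/ '
        $1 == "" { bad = 1 }
        { for (i = 1; i <= NF; i++) if ($i == "..") bad = 1 }
        END { if (bad || NR == 0) exit 1 }'
}

# verify_tarball FILE EXPECTED_SHA256
# Prints "ok" and returns 0, or prints the reason and returns non-zero.
verify_tarball() {
    vt_file=$1
    vt_expected=$2
    if ! is_gzip "$vt_file"; then
        echo "not-gzip"            # e.g. an HTML page saved after redirects
        return 1
    fi
    vt_actual=$(sha256sum "$vt_file" | cut -d' ' -f1)
    if [ "$vt_actual" != "$vt_expected" ]; then
        echo "checksum-mismatch"
        return 2
    fi
    if ! safe_member_paths "$vt_file"; then
        echo "unsafe-paths"
        return 3
    fi
    echo "ok"
}

# Constructed demo inputs: a real tarball and an HTML page with a tarball name.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/pkg-1.0" && echo hello > "$d/pkg-1.0/README"
    tar -czf "$d/good.tar.gz" -C "$d" pkg-1.0
    printf '<html><body>download page</body></html>\n' > "$d/page.tar.gz"
    sum=$(sha256sum "$d/good.tar.gz" | cut -d' ' -f1)
    verify_tarball "$d/good.tar.gz" "$sum"            # ok
    verify_tarball "$d/page.tar.gz" "$sum" || true    # not-gzip
    rm -rf "$d"
}
demo
```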
  #5  
Old 16th October 2007, 12:40 AM
Seve Offline
Retired Community Manager
 
Join Date: Oct 2004
Location: The GTA, Ontario, Canada
Age: 56
Posts: 12,371
Hello bigmac:
Here is an RPM that you can download
to install
yum localinstall --nogpgcheck rkhunter-1.3.0-1.noarch.rpm
http://rapidshare.com/files/62832983...oarch.rpm.html

To start the app, from a terminal type
su -

rkhunter

Seve
__________________
Registered Linux User: #384977
Reply With Quote
  #6  
Old 16th October 2007, 07:17 AM
aleph Offline
Banned (for/from) behaving just like everybody else!
 
Join Date: Jul 2007
Location: Nanjing, China
Posts: 1,332
Quote:
Originally Posted by bigmacbb63

[root@localhost robert]# tar xvf rkhunter-1.3.0.tar.gz
tar: rkhunter-1.3.0.tar.gz: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
[root@localhost robert]# cd rkhunter-1.3.0
bash: cd: rkhunter-1.3.0: No such file or directory
[root@localhost robert]#

Thanks for your help -still very frustrated!!!

bigmac

This should be:
Code:
tar zxvf rkhunter-1.3.0.tar.gz
Reply With Quote
  #7  
Old 16th October 2007, 11:00 AM
leigh123linux
Guest
 
Posts: n/a
Quote:
Originally Posted by aleph
this should be :
Code:
tar zxvf rkhunter-1.3.0.tar.gz

It works for me as is

Code:
[root@localhost ~]# wget http://mesh.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.0.tar.gz
--10:56:04--  http://mesh.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.0.tar.gz
           => `rkhunter-1.3.0.tar.gz.1'
Resolving mesh.dl.sourceforge.net... 213.203.218.122
Connecting to mesh.dl.sourceforge.net|213.203.218.122|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 252,011 (246K) [application/x-tar]

100%[====================================>] 252,011      554.17K/s             

10:56:05 (553.63 KB/s) - `rkhunter-1.3.0.tar.gz.1' saved [252011/252011]

[root@localhost ~]# tar xvf rkhunter-1.3.0.tar.gz
rkhunter-1.3.0/
rkhunter-1.3.0/files/
rkhunter-1.3.0/files/contrib/
rkhunter-1.3.0/files/contrib/README.txt
rkhunter-1.3.0/files/contrib/rkhunter_remote_howto.txt
rkhunter-1.3.0/files/contrib/run_rkhunter.sh
rkhunter-1.3.0/files/ACKNOWLEDGMENTS
rkhunter-1.3.0/files/CHANGELOG
rkhunter-1.3.0/files/FAQ
rkhunter-1.3.0/files/LICENSE
rkhunter-1.3.0/files/README
rkhunter-1.3.0/files/WISHLIST
rkhunter-1.3.0/files/backdoorports.dat
rkhunter-1.3.0/files/check_modules.pl
rkhunter-1.3.0/files/check_port.pl
rkhunter-1.3.0/files/check_update.sh
rkhunter-1.3.0/files/defaulthashes.dat
rkhunter-1.3.0/files/filehashmd5.pl
rkhunter-1.3.0/files/filehashsha1.pl
rkhunter-1.3.0/files/md5blacklist.dat
rkhunter-1.3.0/files/mirrors.dat
rkhunter-1.3.0/files/os.dat
rkhunter-1.3.0/files/programs_bad.dat
rkhunter-1.3.0/files/programs_good.dat
rkhunter-1.3.0/files/readlink.sh
rkhunter-1.3.0/files/rkhunter
rkhunter-1.3.0/files/rkhunter.8
rkhunter-1.3.0/files/rkhunter.conf
rkhunter-1.3.0/files/rkhunter.spec
rkhunter-1.3.0/files/showfiles.pl
rkhunter-1.3.0/files/stat.pl
rkhunter-1.3.0/files/suspscan.dat
rkhunter-1.3.0/files/development/
rkhunter-1.3.0/files/development/createfilehashes.pl
rkhunter-1.3.0/files/development/createhashes.sh
rkhunter-1.3.0/files/development/createhashesall.sh
rkhunter-1.3.0/files/development/i18nchk
rkhunter-1.3.0/files/development/osinformation.sh
rkhunter-1.3.0/files/development/rpmhashes.sh
rkhunter-1.3.0/files/development/rpmprelinkhashes.sh
rkhunter-1.3.0/files/development/search_dead_sysmlinks.sh
rkhunter-1.3.0/files/i18n/
rkhunter-1.3.0/files/i18n/cn
rkhunter-1.3.0/files/i18n/en
rkhunter-1.3.0/files/testing/
rkhunter-1.3.0/files/testing/rkhunter.conf
rkhunter-1.3.0/files/testing/rootkitinfo.txt
rkhunter-1.3.0/files/testing/stringscanner.sh
rkhunter-1.3.0/files/tools/
rkhunter-1.3.0/files/tools/README
rkhunter-1.3.0/files/tools/update_client.sh
rkhunter-1.3.0/files/tools/update_server.sh
rkhunter-1.3.0/installer.sh
[root@localhost ~]# cd rkhunter-1.3.0
[root@localhost rkhunter-1.3.0]# ./installer.sh  --layout /usr/local --install

Checking system for: 
 Rootkit Hunter installer files: found. OK
 Available file retrieval tools: 
    wget: found. OK
Starting installation/update

Checking PREFIX /usr/local: exists, and is writable. OK
Checking installation directories:
 Directory /usr/local/share/doc/rkhunter-1.3.0: creating: OK.
 Directory /usr/local/share/man/man8: exists, and is writable. OK
 Directory /usr/local/etc: exists, and is writable. OK
 Directory /usr/local/bin: exists, and is writable. OK
 Directory /usr/local/lib64: exists, and is writable. OK
 Directory /var/lib: exists, and is writable. OK
 Directory /usr/local/lib64/rkhunter/scripts: creating: OK.
 Directory /var/lib/rkhunter/db: creating: OK.
 Directory /var/lib/rkhunter/tmp: creating: OK.
 Directory /var/lib/rkhunter/db/i18n: creating: OK.
 Installing check_modules.pl: OK.
 Installing check_update.sh: OK.
 Installing check_port.pl: OK.
 Installing filehashmd5.pl: OK.
 Installing filehashsha1.pl: OK.
 Installing showfiles.pl: OK.
 Installing stat.pl: OK.
 Installing readlink.sh: OK.
 Installing backdoorports.dat: OK.
 Installing mirrors.dat: OK.
 Installing os.dat: OK.
 Installing programs_bad.dat: OK.
 Installing programs_good.dat: OK.
 Installing defaulthashes.dat: OK.
 Installing md5blacklist.dat: OK.
 Installing suspscan.dat: OK.
 Installing rkhunter.8: OK.
 Installing ACKNOWLEDGMENTS: OK.
 Installing CHANGELOG: OK.
 Installing FAQ: OK.
 Installing LICENSE: OK.
 Installing README: OK.
 Installing WISHLIST: OK.
 Installing language support files: OK.
 Installing rkhunter: OK.
 Installing rkhunter.conf: OK.
Installation finished.
[root@localhost rkhunter-1.3.0]# rkhunter

Usage: rkhunter {--check | --update | --propupd | --versioncheck |
                 --list [tests | languages | rootkits] |
                 --version | --help} [options]

Current options are:
         --append-log                  Append to the logfile, do not overwrite
         --bindir <directory>...       Use the specified command directories
     -c, --check                       Check the local system
  --cs2, --color-set2                  Use the second color set for output
         --configfile <file>           Use the specified configuration file
         --cronjob                     Run as a cron job
                                       (implies -c, --sk and --nocolors options)
         --dbdir <directory>           Use the specified database directory
         --debug                       Debug mode
                                       (Do not use unless asked to do so)
         --disable <test>[,<test>...]  Disable specific tests
                                       (Default is to disable no tests)
         --display-logfile             Display the logfile at the end
         --enable  <test>[,<test>...]  Enable specific tests
                                       (Default is to enable all tests)
         --hash {MD5 | SHA1 | NONE |   Use the specified file hash function
                 <command>}            (Default is SHA1)
     -h, --help                        Display this help menu, then exit
 --lang, --language <language>         Specify the language to use
                                       (Default is English)
         --list [tests | languages |   List the available test names, languages,
                 rootkits]             or checked for rootkits, then exit
     -l, --logfile [file]              Write to a logfile
                                       (Default is /var/log/rkhunter.log)
         --noappend-log                Do not append to the logfile, overwrite it
         --nocolors                    Use black and white output
         --nolog                       Do not write to a logfile
--nomow, --no-mail-on-warning          Do not send a message if warnings occur
   --ns, --nosummary                   Do not show the summary of check results
 --novl, --no-verbose-logging          No verbose logging
         --pkgmgr {RPM | DPKG | BSD |  Use the specified package manager to obtain or
                   NONE}               verify file hash values. (Default is NONE)
         --propupd                     Update the file properties database
     -q, --quiet                       Quiet mode (no output at all)
  --rwo, --report-warnings-only        Show only warning messages
     -r, --rootdir <directory>         Use the specified root directory
   --sk, --skip-keypress               Don't wait for a keypress after each test
         --summary                     Show the summary of system check results
                                       (This is the default)
         --syslog [facility.priority]  Log the check start and finish times to syslog
                                       (Default level is authpriv.notice)
         --tmpdir <directory>          Use the specified temporary directory
         --update                      Check for updates to database files
   --vl, --verbose-logging             Use verbose logging (on by default)
     -V, --version                     Display the version number, then exit
         --versioncheck                Check for latest version of program
     -x, --autox                       Automatically detect if X is in use
     -X, --no-autox                    Do not automatically detect if X is in use

[root@localhost rkhunter-1.3.0]#

Last edited by leigh123linux; 16th October 2007 at 11:09 AM.
Reply With Quote
  #8  
Old 16th October 2007, 10:48 PM
bigmacbb63 Offline
Registered User
 
Join Date: Feb 2006
Location: southern california
Posts: 521
It still didn't work and I did exactly as you said?
Is there any other way to install this?

bigmac
Reply With Quote
  #9  
Old 16th October 2007, 10:49 PM
bigmacbb63 Offline
Registered User
 
Join Date: Feb 2006
Location: southern california
Posts: 521
This is the latest; it won't work!

[robert@localhost ~]$ su rkhunter
su: user rkhunter does not exist
[robert@localhost ~]$ su -
Password:
[root@localhost ~]# rkhunter
-bash: rkhunter: command not found
[root@localhost ~]#
[root@localhost ~]# yum localinstall --nogpgcheck rkhunter-1.3.0-1.noarch.rpm
Setting up Local Package Process
Cannot open file: rkhunter-1.3.0-1.noarch.rpm. Skipping.
Nothing to do
[root@localhost ~]#

What is going on?
Reply With Quote
  #10  
Old 16th October 2007, 10:51 PM
bigmacbb63 Offline
Registered User
 
Join Date: Feb 2006
Location: southern california
Posts: 521
As you can see from the latest it still doesn't work and I am doing it correctly?

[robert@localhost ~]$ su
Password:
[root@localhost robert]# [robert@localhost ~]$ su rkhunter
bash: [robert@localhost: command not found
[root@localhost robert]# su: user rkhunter does not exist
bash: su:: command not found
[root@localhost robert]# [robert@localhost ~]$ su -
bash: [robert@localhost: command not found
[root@localhost robert]# Password:
bash: Password:: command not found
[root@localhost robert]# [root@localhost ~]# rkhunter
bash: [root@localhost: command not found
[root@localhost robert]# -bash: rkhunter: command not found
bash: -bash:: command not found
[root@localhost robert]# [root@localhost ~]#
bash: [root@localhost: command not found
[root@localhost robert]# [root@localhost ~]# yum localinstall --nogpgcheck rkhunter-1.3.0-1.noarch.rpm
bash: [root@localhost: command not found
[root@localhost robert]# Setting up Local Package Process
bash: Setting: command not found
[root@localhost robert]# Cannot open file: rkhunter-1.3.0-1.noarch.rpm. Skipping.
bash: Cannot: command not found
[root@localhost robert]# Nothing to do
bash: Nothing: command not found
[root@localhost robert]# [root@localhost ~]#
bash: [root@localhost: command not found
[root@localhost robert]#
Reply With Quote
  #11  
Old 16th October 2007, 11:10 PM
leigh123linux
Guest
 
Posts: n/a
Try:

Code:
su -
wget http://www.linux-ati-drivers.homecall.co.uk/rkhunter-1.3.0-1.noarch.rpm
yum --nogpgcheck localinstall rkhunter-1.3.0-1.noarch.rpm
rkhunter
Reply With Quote
  #12  
Old 17th October 2007, 12:39 AM
bigmacbb63 Offline
Registered User
 
Join Date: Feb 2006
Location: southern california
Posts: 521
It worked, I can't believe it! Thank you so very much! This is wonderful.

You guys here in the forum are so incredible. Thank you for your grace and mercy on me.
I am a very impatient man and that is a terrible trait.

Again - thank you,

bigmac
Reply With Quote
  #13  
Old 24th December 2007, 08:46 AM
bigmacbb63 Offline
Registered User
 
Join Date: Feb 2006
Location: southern california
Posts: 521
rkhunter warnings?

Does anybody know how to fix this?

Performing system configuration file checks
Checking for SSH configuration file [ Found ]
Checking if SSH root access is allowed [ Warning ]
Checking if SSH protocol v1 is allowed [ Not allowed ]
Checking for running syslog daemon [ Found ]
Checking for syslog configuration file [ Warning ]

Performing filesystem checks
Checking /dev for suspicious file types [ Warning ]
Checking for hidden files and directories [ Warning ]

I would be so grateful for any help I could get.

Thanks - bigmac
Reply With Quote
  #14  
Old 27th December 2007, 11:42 AM
HughA Offline
Registered User
 
Join Date: Dec 2007
Location: Sydney, Australia
Age: 54
Posts: 6
Modifications to SSH

Gudday,

The change that rkhunter is looking for in SSH is as follows:

current working directory = /etc/ssh
==========================================
sdiff -sw80 sshd_config sshd_config.orig
PermitRootLogin no <
==========================================

As shown, the output is from 'sdiff', so the text on the left of the 'less than' sign has been added to /etc/ssh/sshd_config. Disabling remote root logins is more secure (that is, of course, assuming that sshd is running on your system, and that SSH is allowed in through your firewall).

There are a few other handy SSH security tweaks, but making the above change will keep rkhunter happy. Don't forget to back up the original version of your configuration file before making any changes ;-)

I'm not sure what rkhunter is looking for vis-a-vis syslog configuration.

Regards,
Hugh

Last edited by HughA; 27th December 2007 at 11:45 AM.
Reply With Quote
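
A check for the change described in the post above, as an added example that is not part of the original thread: it reads the global `PermitRootLogin` value from an `sshd_config` file, applying sshd's rule that the first value obtained for a keyword wins and ignoring settings inside `Match` blocks. The function names and sample configs are assumptions, and treating an unset option as a finding is a choice made here, not documented rkhunter behaviour.

```shell
#!/bin/bash
# Added example: read the global PermitRootLogin setting from an sshd_config file.

# effective_sshd_option FILE KEYWORD
# sshd uses the first value it obtains for a keyword, keywords are
# case-insensitive, and settings after a Match line are conditional,
# so parsing stops there. Prints the value in lower case, or "unset".
effective_sshd_option() {
    awk -v want="$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # skip comments and blank lines
        {
            # Accept "Keyword=value" as well as "Keyword value".
            if (match($0, /^[ \t]*[A-Za-z0-9]+[ \t]*=/))
                $0 = substr($0, 1, RLENGTH - 1) " " substr($0, RLENGTH + 1)
            gsub(/"/, "")
        }
        tolower($1) == "match" { exit }
        tolower($1) == want    { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# root_login_finding FILE: returns 0 only when the global value is "no".
root_login_finding() {
    rl_value=$(effective_sshd_option "$1" PermitRootLogin)
    if [ "$rl_value" = "no" ]; then
        echo "ok: PermitRootLogin no"
    else
        echo "finding: PermitRootLogin $rl_value"
        return 1
    fi
}

# Constructed sample configs (not taken from the thread).
demo() {
    d=$(mktemp -d) || return 1
    printf '#PermitRootLogin yes\nProtocol 2\n' > "$d/stock"
    printf 'Protocol 2\nPermitRootLogin no\nPermitRootLogin yes\n' > "$d/hardened"
    printf 'Match User admin\n    PermitRootLogin no\n' > "$d/match_only"
    for f in stock hardened match_only; do
        printf '%s: ' "$f"
        root_login_finding "$d/$f" || true
    done
    rm -rf "$d"
}
demo
```

On a live host, `sshd -T` run as root prints the effective configuration, including compiled-in defaults.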
  #15  
Old 18th February 2009, 04:03 PM
kurtdriver Offline
Registered User
 
Join Date: Jul 2005
Location: Vancouver, Canada
Posts: 1,586
And now that it works you can set it to run automatically.
To set up rkhunter as a cronjob, use cron. The manual is at
[you@yourbox~]$ man cron
[you@yourbox~]$ man crontab
You can set it up to run monthly, daily, or hourly.
I'd run rkhunter --update monthly and rkhunter --check daily, every 5 hours? No idea.
Good Luck! Kurt

Last edited by kurtdriver; 18th February 2009 at 05:00 PM.
Reply With Quote