Ubuntu :: Chmod Not Working, Rkhunter Install?
Mar 8, 2011
sudo: /etc/sudoers is mode 0777, should be 0440
sudo: no valid sudoers sources found, quitting
Is the message I'm getting.
I just finished setting up my home Ubuntu server. Installed LAMP and it works beautifully. The problem is every time I upload a file through FTP into the server, the file changes permission even though I did chmod -R 755 www. So every time I upload a file to my server I need to run the command chmod -R 755 /var/www
I have spent the last 2 hours trying to get this to work and it is driving me crazy. I have an 11.04 box and have set up some zfs filesystems for data storage. I have 2 users and have created a group called media and added both of the users to the group. I have changed the group of the directory to media and have set chmod g+s
root@saturn:/tank/data# ls -l
total 8
drwxrws--- 2 root media 2 2011-06-18 13:59 Backups
drwxrws--- 2 root media 2 2011-06-18 14:26 Music
drwxrws--- 2 root media 2 2011-06-18 12:44 Pictures
[Code]...
How to install chkrootkit, rkhunter and zenmap in SUSE 11.2 KDE
I accidentally did a 'chmod +x foo' when I meant to do a 'chmod a+r foo'.
-rw-r--r-- 1 casper trad 53 Jul 17 22:41 filegore
-rw-r--r-- 1 casper trad 13 Jul 17 22:41 filelemme
-rw-r--r-- 1 casper trad 24 Jul 17 22:41 nix
[code]....
I want to install a .bin file after I logged in as a super user. Also, changing the mode of the file doesn't work, as proved through file properties. I also tried chown, but in vain. Here is a picture of the terminal:
Quote:
[aratux@localhost downloads]$ su
Password:
[root@localhost downloads]# AdobeAIRInstaller.bin
[code]....
I was trying to install vmware.bundle file, and found a terminal command that helped me install the program.
su
chmod +x VM*.bundle
./VM*.bundle
I was just curious what the command chmod was for? Just trying to understand the terminal a little better.
What is the best method for checking for rootkits? I have heard that it is best not to install and run these programs on the distro itself. Would it be possible to install them on another distro/partition and then use them to check for rootkits on my main partition/distro (Ubuntu)?
Quote:
Warning: Network TCP port 60922 is being used by /usr/lib/chromium-browser/chromium-browser. Possible rootkit: zaRwT.KiT
Use the 'lsof -i' or 'netstat -an' command to check this.
Got this checking rkhunter logs but running rkhunter shows nothing suspicious, should I be worried?
I just installed the rkhunter tool via apt-get install rkhunter. When I ran the rkhunter check, rkhunter came back with a warning about "GasKit Rootkit". I don't understand what it is.
This server was freshly installed and is maybe 1 week old, so I don't understand why this happens.
I've got rkhunter installed and regularly do scans immediately before & after updates & if I get warnings about 'file property updates' after the update I use 'rkhunter --propupd' to give me a clean run.
I'm about to set up an Ubuntu computer for my nan, I want to enable automatic security updates so she doesn't have to do anything to keep her system secure. I was planning on running rkhunter when I go to her house (about once a month) and check the dates in the resulting rkhunter.log warnings with those in the var/log/apt/history.log to see if legitimate updates caused any rkhunter warnings. I've noticed though that the 'Current file modification time:' in the rkhunter.log warnings are incorrect.
My system seems to be about 15 days behind the actual date, I've now run rkhunter --propupd so I have no warnings but got this one off another forum post to show what I mean:
Current file modification time: 1283341157 (01-Sep-2010 06:39:17)
I believe that the '1283341157' is the time in some strange format and the date in brackets is what rkhunter thinks it might be in human format.
1) How to interpret the 'strange date format' (1283341157 in the line above)?
2) If there's a way of configuring the date in rkhunter so that they're correct in rkhunter.log?
3) If there's a better way of keeping her system up-to-date & secure, it's her first computer & she's 86 so I think setting up automatic security updates is the way to go, it'll be one less thing to overwhelm her!
When I scanned my Ubuntu 10.04 with rkhunter, a rootkit hunter toolkit, it gave the following warning:
Is there something that I have to worry about?
Code:
You should be running a firewall. I would also periodically check for rootkits with rkhunter and chkrootkit. Antivirus is usually optional, but it depends on your network ... if you have Window$ machines, do use clamav or something.
Hope I'm not distorting the thread but just ran rkhunter and got a lot of red warnings, especially worrying seems:
Quote:
Applications checks...
Applications checked: 4
Suspect applications: 3
According to the rkhunter home page, rkhunter is tested on Slackware up to version 10.1. Does this mean it is not useful on Slackware 13.1?
I have been running rkhunter but how do I view the /var/log/rkhunter.log? I have tried using: sudo /var/log/rkhunter.log but all I got was "Command not found"?
Rkhunter file properties changed
I recently ran a rkhunter check and in my log I have found some very odd (to me at least) reports.
/usr/bin/last [ Warning ]
Warning: The file properties have changed:
File: /usr/bin/last
[code]....
Today I installed rkhunter, but an old version got installed:
From the terminal
Code:
sudo apt-get install rkhunter
sudo rkhunter --versioncheck
[ Rootkit Hunter version 1.3.6 ]
Checking rkhunter version.
[Code]...
Should this thread have been posted on "Security Discussions"?
I am in studio and unable to hunt rkhunter, any ideas.
The rpm is available at [URL] but this repo isn't there in studio options.
I have just been checking one of my machines with rkhunter and got the following result:
Code:
[17:50:08] Warning: Checking for possible rootkit strings [ Warning ]
[17:50:09] Found string 'hdparm' in file '/etc/init.d/checkroot.sh'. Possible rootkit: Xzibit Rootkit
[17:50:09] Found string 'hdparm' in file '/etc/init.d/bootlogd'. Possible rootkit: Xzibit Rootkit
Using a well known search engine shows that others have come across this before: [URL] I have installed the current version of rkhunter from Debian's Unstable repo, but I still have the same result as above. I have now checked the rkhunter wiki, which mentions the same problem: [URL]
Quote: Here is an example on my system to remove a false positive for a certain rootkit that hit hdparm.
[Code]....
Is this a false positive from rkhunter?
/usr/bin/curl [ Warning ]
/usr/bin/ldd [ Warning ]
Chkrootkit came back ok. Running ClamAV and will only add that here if it finds anything. I just never remember seeing these before. This is in Ubuntu 10.10
Last night I received the classic rkhunter's email with several warnings inside:
Quote:
Warning:
Warning:
Warning:
and so on..
Why isn't rkhunter able to calculate the hash of those files and compare it with the stored one?
Other strange thing: for the "good" file, the hash is often different!
For example, in the last rkhunter.log, /bin/awk is "good".
But:
Quote:
Quote:
So, if the sha1sum is different, why does rkhunter tell me that awk is secure?
I get this warning from SELinux:
"SELinux is preventing /bin/mailx from append access on the file /var/lib/rkhunter/rkhcronlog.OmRFCZOynG."
I tried to fix it by "# /sbin/restorecon -v /var/lib/rkhunter/rkhcronlog.OmRFCZOynG" as suggested by SELinux but it comes back with another warning, but with a different /rkhcronlog.xxxxxxxxx...
I think it's just a rkhunter logging issue. Attached here is the actual error message by SELinux.
Is this normal?
Suspect applications: 2
Suspect files: 7
Code:
[09:53:29]
[Code]...
(I'm guessing the suspect applications are OpenSSH & OpenSSL b/c they are outdated but zypper tells me they're up-to-date?)
I get this warning when running rkhunter:
The file rkhunter.cond does not exist on the system, but it is present in the rkhunter.dat file.
However, the conf file does exist as I just edited it. Any ideas on why this error occurs?
[root#] locate rkhunter.conf
/etc/rkhunter.conf
Let's say you have a host with some kind of locally installed root kit detector/scanner.
If someone managed to get root access to that box, wouldn't the first thing to do, before installing a root kit, be to remove any kind of root kit detector?
I got this warning in the log of rkhunter:
Quote:
Checking /dev for suspicious file types [ Warning ]
[13:37:16] Warning: Suspicious file types found in /dev:
[13:37:16] /dev/shm/pulse-shm-43136623: data
[code]....
Why can't I open this file?
[root@localhost fedora]# gedit /etc/var/log/rkhunter/rkhunter.log
No protocol specified
(gedit:24869): Gtk-WARNING **: cannot open display: :0.0
[root@localhost fedora]# gedit /var/log/rkhunter/rkhunter.log
No protocol specified
There is absolutely no reason why it can't be opened. I opened it just fine earlier and now it won't open up for inspection.
I had been receiving a rkhunter warning on my Fedora 14 server for quite some time now. Attempts to fix the error via information from Google searches have failed. I decided to have a look at bugzilla and what do you know, a fix. The warning:
Quote:
[03:29:08] Warning: The SSH and rkhunter configuration options should be the same:
Warning: The SSH and rkhunter configuration options should be the same:
The fix, according to https://bugzilla.redhat.com/show_bug.cgi?id=596775 is to change
Code:
ALLOW_SSH_PROT_V1=2
to
Code:
ALLOW_SSH_PROT_V1=0
I made the change and ran rkhunter again. No more error. I know everyone was wondering about this.
I have a server, running Centos 5.5. It runs daily rkhunter and logwatch. From both I get a daily mail.
I have a desktop computer, running Fedora 13 (almost 14...). It runs also a daily rkhunter and logwatch. But I get ONE mail from logwatch, which contains the result of rkhunter.
On the server, I want also only mail from logwatch, containing the rkhunter results. But so far, no luck.
How can I get the rkhunter results in the logwatch mail on my Centos server?