I found that the rkhunter v1.4.2 (Debian distro, I don't know about other flavors or versions) had a strange problem. Installed for the first time, I can not update it:
host:/root# rkhunter --update
Invalid WEB_CMD configuration option: Relative pathname: "/bin/false"
Fixing this in config file (/etc/rkhunter.conf) by removeing /bin/false between quotes I had another error:
ns3:/etc# rkhunter --update
[ Rootkit Hunter version 1.4.2 ]
Checking rkhunter data files...
Checking file mirrors.dat [ Skipped ]
Checking file programs_bad.dat [ Update failed ]
Checking file backdoorports.dat [ Update failed ]
Checking file suspscan.dat [ Update failed ]
Checking file i18n versions [ Update failed ]
So, digging a little bit I found the following solution. All you need is to replace the followings in the /etc/rkhunter.conf file:
From UPDATE_MIRRORS=0 to UPDATE_MIRRORS=1
From MIRRORS_MODE=1 to MIRRORS_MODE=0
From WEB_CMD="/bin/false" to WEB_CMD=""
The funny thing is that in the rkhunter.conf comments, the recommended values are good. :)
Thanks! :)
ReplyDeletewahoo
ReplyDeleteFoarte frumos articol. Mulțumesc. Un alt blog informativ care poate fi foarte util pentru dvs. este aici https://www.blacklatteoficial.com
ReplyDeletePlease continue this great work and I look forward to more of your awesome blog posts. ochelari de condus
ReplyDeleteIs this also possible with some VPN?
ReplyDeleteThanks great information also for the extensii par natural
ReplyDelete