So, I just installed and ran rkhunter, and it showed me green OKs, except for: /usr/bin/lwp-request, like so:
/usr/bin/lwp-request [ Warning ]
The log says:
Warning: The command '/usr/bin/lwp-request' has been replaced by a
script: /usr/bin/lwp-request: Perl script text executable
I have already run rkhunter --propupd and su
I am using rkhunter and this was shown.
[ Rootkit Hunter version 1.4.2 ]
File updated: searched for 175 files, found 141
baymax@vostro:~$ sudo rkhunter -c --enable all --disable none --rwo
Warning: The following processes are using deleted files:
Process: /sbin/upstart PID: 935 File: /home/baymax/.cache/
When my cron job runs the check, I get an RKHunter warning every day. I am on FreeBSD 10.2
This is the warning I get:
Warning: No hash value found for file '/usr/bin/perl' in the 'rkhunter.dat' file.
I have tried rkhunter --update and rkhunter --propupd, but the warning persists.
rkhunter --propupd
[ Rootkit Hunter version 1.4.2 ]
File updated: searched for 171 files, fo
In the rkhunter configuration file here, /etc/default/rkhunter, it says:
# Defaults for rkhunter automatic tasks
# sourced by /etc/cron.*/rkhunter and /etc/apt/apt.conf.d/90rkhunter
#
# This is a POSIX shell fragment
#
# Set this to yes to enable rkhunter daily runs
# (default: true)
CRON_DAILY_RUN=""
# Set this to ye
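Recently, I have been suspecting that someone has compromised my system. I feel that tabs sometimes switch. For example, I was doing something in Chrome and suddenly it showed the Opera screen (although both were running, I never clicked on the Opera screen), and things like that.
So I downloaded rkhunter and tested by running sudo rkhunter -c --enable all --disable none; my output is below. Are these all false warnings, or is there really something I should worry about?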
Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: a /usr/b
I am on Debian 9.5 and have the following /etc/ Debian . file /rkhunter file:
#!/bin/sh
OUTPUT=`rkhunter --cronjob --report-warnings-only`
if [ "$OUTPUT" != "" ]
then
echo $OUTPUT | mail -s "[rkhunter] Warnings found for $(hostname)" root@youremail
fi
I have replaced the email address with my real one.
When I execute sudo /etc/ execute . work /rk
I have installed rkhunter as follows:
sudo apt-get install rkhunter
Even though I have enabled all tests, when I run:
sudo rkhunter --check --sk
If I check the log file, I see the following about the unhide command:
[21:21:04] Info: Starting test name 'hidden_procs'
[21:21:04] Info: Found the 'unhide' command: /usr/bin/unhide
[21:21:04] Info: The use of 'unhide' has
I tried to create a systemd startup script that starts an rkhunter scan on my laptop 30 minutes after system boot, like this:
[Unit]
Description=starts rkhunter and displays any findings with zenity
[Service]
ExecStartPre=/bin/sleep 1800
ExecStart=/usr/local/sbin/rkhunter-check
[Install]
WantedBy=default.target
But it fails with a timeout error.
Job for rkhunter.service failed because a tim