FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 10-30-2008, 02:43 PM
Richard Möhn
 
Default mondo + rkhunter

On Thu, Oct 30, 2008 at 06:01:22AM -0600, Hugo Vanwoerkom wrote:
> Did mondo backup to DVD + restored to different partition.
>
> Now on that different partition rkhunter spits out all sorts of warnings:
>
> ...
> Warning: The file properties have changed:
> File: /bin/bash
> Current inode: 472355 Stored inode: 944706
> ...
>
> How to tell rkhunter:
> Hey dude, we are on a different partition! Reset all your warnings and
> start from scratch!


Maybe with:

rkhunter --propupd

I don't know if it will work, but this command seems the best matching
in the manpage.

Best wishes

Richard
--
Richard Möhn, Laußnitz in Sachsen
Public Key-ID: 4385C7FB
Fingerprint: D74B F0D6 52BD C802 F5E2 B5BF 78AB 5563 4385 C7FB
 
Old 10-31-2008, 01:54 PM
Hugo Vanwoerkom
 
Default mondo + rkhunter

Richard Möhn wrote:

On Thu, Oct 30, 2008 at 06:01:22AM -0600, Hugo Vanwoerkom wrote:

Did mondo backup to DVD + restored to different partition.

Now on that different partition rkhunter spits out all sorts of warnings:

...
Warning: The file properties have changed:
File: /bin/bash
Current inode: 472355 Stored inode: 944706
...

How to tell rkhunter:
Hey dude, we are on a different partition! Reset all your warnings and
start from scratch!



Maybe with:

rkhunter --propupd

I don't know if it will work, but this command seems the best matching
in the manpage.



I used the chicken way out:

apt-get remove --purge rkhunter
apt-get install rkhunter

and then got only:

Warning: The file '/usr/sbin/unhide' exists on the system, but it is not
present in the rkhunter.dat file.
Warning: The file '/usr/sbin/unhide-linux26' exists on the system, but
it is not present in the rkhunter.dat file.

Warning: Found enabled inetd service: printer
Warning: Found enabled inetd service: /usr/sbin/vmware-authd

Note that the first 2 warnings are his own doing: those 2 files were
installed when rkhunter was installed.



Hugo



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 04:50 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org