FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 08-13-2012, 11:41 PM
Joel Rees
 
Default rkhunter log stops in the middle

I booted this morning, and it stopped fairly early in the boot process
and hung up.

Booted again and looked at some of the logs, and there are only three
screens of info messages in the rkhunter logs, the last message cut
off in the middle. (It's morning here, I'm not thinking clearly, yet.)

I'm going to vacuum the thing out (it's about that time again), but
should I be worried about the reason rkhunter didn't complete? As in,
a root kit trying to prevent discovery.

--
Joel Rees


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAAr43iMkPMU1SkpQZYVZv7uHVcDQHBmhgF18P+tRhnbFmm-5YQ@mail.gmail.com">http://lists.debian.org/CAAr43iMkPMU1SkpQZYVZv7uHVcDQHBmhgF18P+tRhnbFmm-5YQ@mail.gmail.com
 
Old 08-14-2012, 01:03 AM
Joel Rees
 
Default rkhunter log stops in the middle

On 8/14/12, Joel Rees <joel.rees@gmail.com> wrote:
> I booted this morning, and it stopped fairly early in the boot process
> and hung up.
>
> Booted again and looked at some of the logs, and there are only three
> screens of info messages in the rkhunter logs, the last message cut
> off in the middle. (It's morning here, I'm not thinking clearly, yet.)

---------------------------------
$ cat rk*
[06:04:19] Info: Found the 'readlink' command: /bin/readlink
[06:04:19] Info: Found the 'sort' command: /usr/bin/sort
[06:04:20] Info: Found the 'stat' command: /usr/bin/stat
[06:04:20] Info: Found the 'strings' command: /usr/bin/strings
[06:04:20] Info: Found the 'uniq' command: /usr/bin/uniq
[06:04:20] Info: System is not using prelinking
[06:04:20] Info: Using the '/usr/bin/sha1sum' command for the file hash checks
[06:04:20] Info: Stored hash values used hash function '/usr/bin/sha1sum'
[06:04:20] Info: Stored hash values did not use a package manager
[06:04:20] Info: The hash function field in
----------------------------------

And, now that I notice the time, rkhunter has not run since that first
boot up this morning. (But the one that froze or the one that made it
to an X11 session? I need to go back and check.)

> I'm going to vacuum the thing out (it's about that time again), but
> should I be worried about the reason rkhunter didn't complete? As in,
> a root kit trying to prevent discovery.

Vacuumed the dust out, reseated boards and controller cables, etc. No change.

--
Joel Rees


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CAAr43iMjevV9bOS3R77JwP0zk=SbMJa9DE=XY4xRa9gOZ06Tp A@mail.gmail.com
 
Old 08-19-2012, 12:00 AM
Joel Rees
 
Default rkhunter log stops in the middle

FWIW, somewhere in the last five days, rkhunter started leaving full
logs again. It may have been after the last apt-get update/upgrade
pulled in some updates for clam, which I haven't really been doing
very much with.

On Tue, Aug 14, 2012 at 10:03 AM, Joel Rees <joel.rees@gmail.com> wrote:
> On 8/14/12, Joel Rees <joel.rees@gmail.com> wrote:
>> I booted this morning, and it stopped fairly early in the boot process
>> and hung up.
>>
>> Booted again and looked at some of the logs, and there are only three
>> screens of info messages in the rkhunter logs, the last message cut
>> off in the middle. (It's morning here, I'm not thinking clearly, yet.)
>
> ---------------------------------
> $ cat rk*
> [06:04:19] Info: Found the 'readlink' command: /bin/readlink
> [06:04:19] Info: Found the 'sort' command: /usr/bin/sort
> [06:04:20] Info: Found the 'stat' command: /usr/bin/stat
> [06:04:20] Info: Found the 'strings' command: /usr/bin/strings
> [06:04:20] Info: Found the 'uniq' command: /usr/bin/uniq
> [06:04:20] Info: System is not using prelinking
> [06:04:20] Info: Using the '/usr/bin/sha1sum' command for the file hash checks
> [06:04:20] Info: Stored hash values used hash function '/usr/bin/sha1sum'
> [06:04:20] Info: Stored hash values did not use a package manager
> [06:04:20] Info: The hash function field in
> ----------------------------------
>
> And, now that I notice the time, rkhunter has not run since that first
> boot up this morning. (But the one that froze or the one that made it
> to an X11 session? I need to go back and check.)
>
>> I'm going to vacuum the thing out (it's about that time again), but
>> should I be worried about the reason rkhunter didn't complete? As in,
>> a root kit trying to prevent discovery.
>
> Vacuumed the dust out, reseated boards and controller cables, etc. No change.
>
> --
> Joel Rees



--
--
Joel Rees


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CAAr43iPecVruR-NyJmQ7J=mTTo-u5Bvq+9yaCXS+VN15FMyJxA@mail.gmail.com
 

Thread Tools




All times are GMT. The time now is 07:47 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org