[Systems] [Systems-logs] [rkhunter] sunjammer.sugarlabs.org - Daily report

Samuel Cantero scanterog at gmail.com
Wed Feb 24 14:43:18 EST 2016 

I guess we should keep it and for me the current setup for checking once a
day is fine. It was working pretty well before the system upgrade.

What do you think about to add APT_AUTOGEN="yes" to /etc/default/rkhunter
in order to enable automatic rkhunter database updates after software
updates?

Have we already executed sudo rkhunter --propupd since the last update?

Currently we are using the 1.4.0 version. The last one available is 1.4.2.
We could also update it.


On Wed, Feb 24, 2016 at 4:08 AM, Bernie Innocenti <bernie at codewiz.org>
wrote:

> Hmpf... rkhunter needs to be updated regularly or it will keep moaning
> daily.
>
> Do we want to make it run less often or should I disable it?
>
>
> On February 23, 2016 10:32:13 PM PST, root at sugarlabs.org wrote:
>
>> Warning: The O/S name or version has changed since the last run:
>>          Old O/S value: Ubuntu 14.04.3 LTS    New value: Ubuntu 14.04.4 LTS
>>          Because of the change(s) the file properties checks may give some false-positive results.
>>          You may need to re-run rkhunter with the '--propupd' option.
>> Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
>>          is used, all the files on their system are known to be genuine, and installed from a
>>          reliable source. The rkhunter '--check' option will compare the current file properties
>>          against previously stored values, and report if any values differ. However, rkhunter
>>          cannot determine what has caused the change, that is for the user to do.
>> Warning: The file properties have changed:
>>          File: /sbin/sulogin
>>          Current hash: 6de810ad6fa4ba62ddb61b8d8ca373796c39837f
>>
>> Stored hash : 65190e4215cc434e4405ab06902cd4157981e445
>>          Current inode: 2515049    Stored inode: 2515007
>>          Current file modification time: 1455685146 (16-Feb-2016 23:59:06)
>>          Stored file modification time : 1434339069 (14-Jun-2015 23:31:09)
>> Warning: The file properties have changed:
>>          File: /usr/bin/last
>>          Current hash: 01b54671ca1769b31a22a0a7b273d25e50fbcedb
>>          Stored hash : fe1465ac9bee6592dbc088a0a437337f2e932ef4
>>          Current inode: 1311229    Stored inode: 1311646
>>          Current file modification time: 1455685146 (16-Feb-2016 23:59:06)
>>          Stored file modification time : 1434339069 (14-Jun-2015 23:31:09)
>> Warning: The file properties have changed:
>>          File: /usr/bin/ldd
>>          Current hash: fef7edab0f0fc0889c3a4c4f415fa830c3b293a3
>>          Stored hash : e4bf03f0f5d7cff6d6b91822f3e101ff59b6bd06
>>          Current inode: 1311606    Stored inode:
>> 1312373
>>          Current file modification time: 1455650774 (16-Feb-2016 14:26:14)
>>          Stored file modification time : 1424883242 (25-Feb-2015 11:54:02)
>> ------------------------------
>>
>> Systems-logs mailing list
>> Systems-logs at lists.sugarlabs.org
>> http://lists.sugarlabs.org/listinfo/systems-logs
>>
>>
> --
> Sent from my Android device with K-9 Mail. Please excuse my brevity.
>
> _______________________________________________
> Systems mailing list
> Systems at lists.sugarlabs.org
> http://lists.sugarlabs.org/listinfo/systems
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/archive/systems/attachments/20160224/a8ac7ff5/attachment.html>

More information about the Systems mailing list