[Systems] [Systems-logs] [rkhunter] sunjammer.sugarlabs.org - Daily report

Samuel Cantero scanterog at gmail.com
Sat Feb 27 13:15:22 EST 2016

Previous message: [Systems] [Systems-logs] [rkhunter] sunjammer.sugarlabs.org - Daily report
Next message: [Systems] [Systems-logs] [rkhunter] sunjammer.sugarlabs.org - Daily report
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I activated the automatic rkhunter database updates after software updates
and executed sudo rkhunter --propupd again.

On Wed, Feb 24, 2016 at 11:27 PM, Bernie Innocenti <bernie at codewiz.org>
wrote:

> On 02/24/2016 11:43 AM, Samuel Cantero wrote:
> > I guess we should keep it and for me the current setup for checking once
> > a day is fine. It was working pretty well before the system upgrade.
>
> That's just because 10.04 was no longer getting any updates :-)
>
>
> > What do you think about to add APT_AUTOGEN="yes" to
> > /etc/default/rkhunter in order to enable automatic rkhunter database
> > updates after software updates?
>
> That's _exactly_ what I wanted :-)
>
>
> > Have we already executed sudo rkhunter --propupd since the last update?
>
> Yes, I did it a couple of times already.
>
>
> > Currently we are using the 1.4.0 version. The last one available is
> > 1.4.2. We could also update it.
>
> If it's packaged in a later version of ubuntu, we can probably get the
> binary package. Small scripts tend to work across different distro
> versions without much trouble.
>
> > On Wed, Feb 24, 2016 at 4:08 AM, Bernie Innocenti <bernie at codewiz.org
> > <mailto:bernie at codewiz.org>> wrote:
> >
> >     Hmpf... rkhunter needs to be updated regularly or it will keep
> >     moaning daily.
> >
> >     Do we want to make it run less often or should I disable it?
> >
> >
> >     On February 23, 2016 10:32:13 PM PST, root at sugarlabs.org
> >     <mailto:root at sugarlabs.org> wrote:
> >
> >         Warning: The O/S name or version has changed since the last run:
> >         Old O/S value: Ubuntu 14.04.3 LTS New value: Ubuntu 14.04.4 LTS
> >         Because of the change(s) the file properties checks may give
> >         some false-positive results.
> >         You may need to re-run rkhunter with the '--propupd' option.
> >         Warning: WARNING! It is the users responsibility to ensure that
> >         when the '--propupd' option
> >         is used, all the files on their system are known to be genuine,
> >         and installed from a
> >         reliable source. The rkhunter '--check' option will compare the
> >         current file properties
> >         against previously stored values, and report if any values
> >         differ. However, rkhunter
> >         cannot determine what has caused the change, that is for the
> >         user to do.
> >         Warning: The file properties have changed:
> >         File: /sbin/sulogin
> >         Current hash: 6de810ad6fa4ba62ddb61b8d8ca373796c39837f
> >         Stored hash : 65190e4215cc434e4405ab06902cd4157981e445
> >         Current inode: 2515049 Stored inode: 2515007
> >         Current file modification time: 1455685146 (16-Feb-2016 23:59:06)
> >         Stored file modification time : 1434339069 (14-Jun-2015 23:31:09)
> >         Warning: The file properties have changed:
> >         File: /usr/bin/last
> >         Current hash: 01b54671ca1769b31a22a0a7b273d25e50fbcedb
> >         Stored hash : fe1465ac9bee6592dbc088a0a437337f2e932ef4
> >         Current inode: 1311229 Stored inode: 1311646
> >         Current file modification time: 1455685146 (16-Feb-2016 23:59:06)
> >         Stored file modification time : 1434339069 (14-Jun-2015 23:31:09)
> >         Warning: The file properties have changed:
> >         File: /usr/bin/ldd
> >         Current hash: fef7edab0f0fc0889c3a4c4f415fa830c3b293a3
> >         Stored hash : e4bf03f0f5d7cff6d6b91822f3e101ff59b6bd06
> >         Current inode: 1311606 Stored inode: 1312373
> >         Current file modification time: 1455650774 (16-Feb-2016 14:26:14)
> >         Stored file modification time : 1424883242 (25-Feb-2015 11:54:02)
> >
>  ------------------------------------------------------------------------
> >
> >         Systems-logs mailing list
> >         Systems-logs at lists.sugarlabs.org
> >         <mailto:Systems-logs at lists.sugarlabs.org>
> >         http://lists.sugarlabs.org/listinfo/systems-logs
> >
> >
> >     --
> >     Sent from my Android device with K-9 Mail. Please excuse my brevity.
> >
> >     _______________________________________________
> >     Systems mailing list
> >     Systems at lists.sugarlabs.org <mailto:Systems at lists.sugarlabs.org>
> >     http://lists.sugarlabs.org/listinfo/systems
> >
> >
> >
> >
> > _______________________________________________
> > Systems mailing list
> > Systems at lists.sugarlabs.org
> > http://lists.sugarlabs.org/listinfo/systems
> >
>
>
> --
>  _ // Bernie Innocenti
>  \X/  http://codewiz.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/archive/systems/attachments/20160227/29ec125c/attachment.html>

Previous message: [Systems] [Systems-logs] [rkhunter] sunjammer.sugarlabs.org - Daily report
Next message: [Systems] [Systems-logs] [rkhunter] sunjammer.sugarlabs.org - Daily report
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Systems mailing list