budway
May 20 2005, 04:14 AM
I just wanted to warn others and share that since the last big update rkhunter has given (BAD) md5sum checks; this should be normal since many things were updated...
Also, there is still no update...
parisdns
May 20 2005, 04:20 AM
QUOTE (budway)
I just wanted to warn others and share that since the last big update rkhunter has given (BAD) md5sum checks; this should be normal since many things were updated...
Also, there is still no update...

which version do you use, 1.2.5 /me !?!...
Blue|Fusion
May 20 2005, 01:23 PM
I have no incorrect MD5s with RKHunter 1.2.6. I also just updated it with the latest database stuff. It was released yesterday (19th) at 1900 (7:00PM)...what time, if not GMT, zone I dunno.
joyce
May 20 2005, 07:08 PM
I have Rootkit Hunter 1.2.6 and I get 17 Incorrect MD5 checksums. I run rkhunter --update and it shows
CODE
Mirrorfile /usr/local/rkhunter/lib/rkhunter/db/mirrors.dat rotated
Using mirror http://mirror13.mirror.rkhunter.org
[DB] Mirror file : Up to date
[DB] MD5 hashes system binaries : Update available
Action: Database updated (current version: 2005050600, new version 2005051900)
[DB] Operating System information : Update available
Action: Database updated (current version: 2005050700, new version 2005051900)
[DB] MD5 blacklisted tools/binaries : Up to date
[DB] Known good program versions : Up to date
[DB] Known bad program versions : Up to date
Ready.
But when I run rkhunter -c, it still shows the same 17 Incorrect MD5 checksums. I run rkhunter --update once more, and it gives the same output as above. I try it like 10 times, and it still won't update. What's the problem?
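Added example, not part of the thread and not rkhunter's own code: a shell check for the symptom in the post above, where each `rkhunter --update` run claims "Database updated" yet the next run still lists the same current version. The function name `stale_updates` and the sample transcripts are assumptions constructed from the output quoted in the post.

```shell
#!/bin/sh
# Added example: flag rkhunter databases whose update did not persist.
# stale_updates RUN1 RUN2 -> prints each database that RUN1 reported as
# "Database updated" but that RUN2 still lists at the same "current version".
stale_updates() {
    awk '
        { first = (FILENAME == ARGV[1]) }
        /^\[DB\] / {
            name = $0
            sub(/^\[DB\] /, "", name)      # drop the "[DB] " tag
            sub(/ +: .*$/, "", name)       # drop " : <status>"
        }
        /^Action: Database updated/ {
            cur = $0
            sub(/.*current version: /, "", cur)
            sub(/,.*/, "", cur)
            if (first) seen[name] = cur
            else if ((name in seen) && seen[name] == cur)
                print name " (still " cur ")"
        }
    ' "$1" "$2"
}

# Constructed sample transcripts, modelled on the output posted above.
tmp=$(mktemp -d)
run1=$tmp/run1.txt run2=$tmp/run2.txt fixed=$tmp/fixed.txt
cat > "$run1" <<'EOF'
[DB] Mirror file : Up to date
[DB] MD5 hashes system binaries : Update available
Action: Database updated (current version: 2005050600, new version 2005051900)
[DB] Operating System information : Update available
Action: Database updated (current version: 2005050700, new version 2005051900)
EOF
cp "$run1" "$run2"        # second run repeats the first: nothing was stored
cat > "$fixed" <<'EOF'
[DB] Mirror file : Up to date
[DB] MD5 hashes system binaries : Up to date
[DB] Operating System information : Up to date
EOF

echo "run1 vs run2:";  stale_updates "$run1" "$run2"
echo "run1 vs fixed:"; stale_updates "$run1" "$fixed"
```

A database listed here is still at its old version, so MD5 warnings from `rkhunter -c` on that host are being judged against stale hashes and need an independent check before they are dismissed or escalated.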
Blue|Fusion
May 20 2005, 07:11 PM
Well I still get that update process, like it's not updating, however I get no MD5 errors when I run it.
bman
May 21 2005, 12:30 AM
try to reinstall
Blue|Fusion
May 21 2005, 12:44 AM
Nope. Same on three machines, even after reinstall of RKHunter 1.2.6.
phiber
May 21 2005, 04:24 AM
The guy who maintains rkhunter, Michael Boelen, says he's aware of the updater issue in 1.2.6 and will be releasing a new version this weekend.
HostOrbit
May 21 2005, 05:37 PM
Rootkit hunter 1.2.6 is also reporting 17 md5 checksum errors for us too.
budway
May 22 2005, 10:14 PM
Looks like version 1.2.6 is not updating any modules at all from the server (rkhunter --update).
So this issue is normal until they fix the rkhunter updating thing...
Also, re-installing or re-downloading 1.2.6 does not work...
We will just have to wait for the next version of rkhunter.
bjdea1
May 23 2005, 09:05 AM
Just letting people know we're getting the same rkhunter errors. Glad it's not a hack!!!
phiber
May 24 2005, 03:46 AM
New:
- Added support for CentOS 4.0
- Added support for Mandrake 10.2
- Added support for Gentoo (sparc/sparc64/x86)
- Added additional support for E-smith (SME 6.0.1)
- Added support for FreeBSD 4.5 and 4.6
Changes:
- Improved support for Bind (thanks to Craig)
- Improved support for RHEL AS release 3
- Updated hashes for SuSE 9.1 (core-utils)
Bugfixes:
- Fixed problem with the updater (file was retrieved, but not placed within the correct directory)
You can download it from here (my site), or from its homepage.
joyce
May 24 2005, 08:44 AM
umm. I've updated to 1.2.7 but I still get the same 17 Incorrect MD5 checksums.
phiber
May 24 2005, 09:00 AM
what OS are you running?
before installing rkhunter 1.2.7, have you deleted /usr/local/rkhunter?
after installing, have you run rkhunter --update?
joyce
May 25 2005, 09:38 AM
RHEL ES 3
no, but "rkhunter --version" shows "Rootkit Hunter 1.2.7", and "rkhunter -c" shows "Rootkit Hunter 1.2.7 is running" at the top. Should I delete and re-install?
yes
phiber
May 25 2005, 11:07 AM
that's strange.
delete the installation and re-install it
neutro1
May 25 2005, 11:19 AM
RHE 3 ES - Still reporting bad after updating to 1.2.7
meanwhile CentOS 3.4 all green though
phiber
May 25 2005, 12:59 PM
could you post your rkhunter scan logs here or on PM?
btw. If some of the binaries are bad, try using /etc/cron.daily/prelink
budway
May 25 2005, 01:25 PM
No need to use prelink.
rkhunter 1.2.7 is giving bad markers (md5sum) on two RHE ES/AS systems.
Anyway, those are my finds.
neutro1
May 25 2005, 10:23 PM
rkhunter --update .. a few mins ago.. and now all green

I updated a few times last night after installing 1.2.7 .. but there was no update..
prob fixed
budway
May 27 2005, 06:12 PM
Yes, I guess they finally updated their md5sums.
I noticed that server01 and 07 were updated on their server list.
But there is always some server that is not updated, so if that happens to you just run the update again.
Serhat
May 28 2005, 01:44 AM
I'm getting these errors:
CODE
# rkhunter --update
Running updater...
Mirrorfile /usr/local/rkhunter/lib/rkhunter/db/mirrors.dat rotated
Using mirror http://mirror18.mirror.rkhunter.org
[DB] Mirror file : Update available
Fatal error: Can't retrieve file: http://mirror18.mirror.rkhunter.org/mirrors.dat.gz
[DB] MD5 hashes system binaries : Update available
Fatal error: Can't retrieve file: http://mirror18.mirror.rkhunter.org/defaulthashes.dat.gz
[DB] Operating System information : Update available
Fatal error: Can't retrieve file: http://mirror18.mirror.rkhunter.org/os.dat.gz
[DB] MD5 blacklisted tools/binaries : Up to date
[DB] Known good program versions : Up to date
[DB] Known bad program versions : Up to date
Ready.
Does anyone know how to fix it? When I put the URL in a browser, it works fine... maybe I'm missing some Perl packages?
parisdns
May 28 2005, 03:01 AM
Same thing HERE, with different mirror !?!...
budway
Jun 8 2005, 08:59 AM
Update your rkhunter version (download the latest tar); the 1.25/6 version has a bug in the update that rkhunter executes with the command (--update).
This problem is solved in version 1.27.
Good luck
parisdns
Jun 8 2005, 11:10 AM
So I need to reinstall it with the latest version !?... Right !...
Snowman
Jun 13 2005, 07:30 AM
2 of our RHE 3 boxes are running 1.2.7 and we are still getting these same errors.
Anyone have any ideas?
Blue|Fusion
Jun 13 2005, 07:32 AM
Make sure you remove /usr/local/bin/rkhunter and /usr/local/rkhunter before installing 1.2.7. I found that the binary doesn't get replaced on some machines (others worked fine, however).
galantina
Oct 14 2005, 04:32 PM
Hi!
Today my rkhunter started showing wrong checksums for 4 files.
I use version 1.27 and didn't have problems till now.
When I run rpm -Vf /wrongChecksum_file it shows nothing.
Is anybody else experiencing the same thing?
thanks.
Best regards.
Blue|Fusion
Oct 14 2005, 05:34 PM
You'll see that if you updated your system recently... like with the RHEL3 Update 6 or RHEL4 Update 2 that came out recently. You'll have to wait until RKHunter's dev team updates the databases for the new checksums. You can then get them with /path/to/rkhunter/rkhunter --update
galantina
Oct 15 2005, 01:13 AM
The interesting thing is that I have 2 servers with RHE3 and both of them are updated daily with up2date, and only one of them shows these errors. Does anybody have any explanation for this?
Thanks. Best regards.
budway
Nov 24 2005, 08:50 AM
My rkhunter was all green and giving this message above:
Warning: This operating system is not fully supported!
Line: Warning: This operating system is not fully supported!
Then a few weeks ago I ran an update (rkhunter --update), and since then I have had some md5sum errors.
But the warning message that the old update was showing is not showing anymore...