RootkitHunter specific tests not running
scott
redhowlingwolves at nc.rr.com
Thu Dec 18 01:06:47 UTC 2008
les.etincelles at gmail.com wrote:
> Greetings everyone,
>
> this is my first post to this forum, although i have been following the
lists for a while now in the hopes of complementing my training as a
sysadmin. so hello there!!
>
> my question relates to Rootkithunter,
> http://www.rootkit.nl/projects/rootkit_hunter.html
>
> i am using version 1.3.2, the latest release. my machine is an older
ibm thinkpad running PCLinuxOS 2007 which is based on Mandriva with KDE.
>
> After performing a couple of system scans, I noticed the scan logged
that it did not perform a couple of checks, specifically the "hidden
processes" check. saying that this test was skipped via user's request.
>
> upon looking into the configuration file /etc/rkhunter.config i noticed
that it states its default is to perform ALL tests and disable NONE
> however i noticed there were a couple of tests listed as disabled. i
then proceeded to edit the file in vi, changing the disabled tests field
to "none"
>
> i then ran another scan, and found that the hidden processes check is
STILL not running, it is still being skipped. if anyone has any insight
as to why this is happening, please post. i am preliminarily thinking
it may have something to do with the way this particular linux distro is
laid out? thx in advance.
>
I believe you need the unhide package.
More information about the ubuntu-users
mailing list