Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#31 RK Hunter "Testing Running Processes"

closed
John Horne
None
5
2008-02-21
2008-01-16
Golgo13
No

Hi, my name is Ben. Im new here. I have a server that we're using RKhunter on. It seems to work fine. I am just concerned with the Daily run...the run will say [BAD] for "Testing Running Processes" ..or

Suspicious files and malware
Scanning for known rootkit strings [ OK ]
Scanning for known rootkit files [ OK ]
Testing running processes... [ BAD ] <-----HERE ********
Miscellaneous Login backdoors [ OK ]
Miscellaneous directories [ OK ]
Software related files [ OK ]
Sniffer logs [ OK ]

Im trying to figure out how to make "Testing for Running Processes" work?

I know this means its not running the test. How can I fix this issue if anyone knows out there?

Any ideas will be great!
Thanks
Ben

Discussion

  • John Horne
    John Horne
    2008-01-22

    Logged In: YES
    user_id=665381
    Originator: NO

    No, it does not mean the test has not run. The test has run, and found something that it wasn't expecting. You need to look in the log file (probably /var/log/rkhunter.log) to see what it has found. If a test isn't run it will say 'skipped', not 'bad'.

    However, I can see that you are running rkhunter version 1.2.9 (or before). I would very much suggest that you upgrade to the latest version, as we do not generally support 1.2.9 anymore.

    John.

     
  • John Horne
    John Horne
    2008-01-22

    • assigned_to: nobody --> jhorne
     
  • John Horne
    John Horne
    2008-02-21

    • status: open --> closed
     
  • John Horne
    John Horne
    2008-02-21

    Logged In: YES
    user_id=665381
    Originator: NO

    Heard no more about this - closing the request.

    John.