The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

rkhunter - System tools - syslogd bad?

Discussion in 'General Discussion' started by noimad1, Feb 18, 2005.

  1. noimad1

    noimad1 Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    627
    Likes Received:
    0
    Trophy Points:
    16
    I got this output from my rkhunter....

    * System tools
    Performing 'known good' check...
    /sbin/ifconfig [ OK ]
    /usr/bin/watch [ OK ]
    /usr/bin/w [ OK ]
    /usr/bin/whoami [ OK ]
    /usr/bin/who [ OK ]
    /usr/bin/users [ OK ]
    /usr/bin/stat [ OK ]
    /usr/bin/sha1sum [ OK ]
    /usr/bin/kill [ OK ]
    /usr/bin/find [ OK ]
    /usr/bin/file [ OK ]
    /usr/bin/pstree [ OK ]
    /usr/bin/killall [ OK ]
    /usr/bin/lsattr [ OK ]
    /bin/mount [ OK ]
    /bin/netstat [ OK ]
    /bin/egrep [ OK ]
    /bin/fgrep [ OK ]
    /bin/grep [ OK ]
    /bin/cat [ OK ]
    /bin/chmod [ OK ]
    /bin/chown [ OK ]
    /bin/env [ OK ]
    /bin/ls [ OK ]
    /bin/su [ OK ]
    /bin/ps [ OK ]
    /bin/dmesg [ OK ]
    /bin/kill [ OK ]
    /bin/login [ OK ]
    /sbin/chkconfig [ OK ]
    /sbin/depmod [ OK ]
    /sbin/insmod [ OK ]
    /sbin/modinfo [ OK ]
    /sbin/sysctl [ OK ]
    /sbin/syslogd [ BAD ]
    /sbin/init [ OK ]
    /sbin/runlevel [ OK ]


    MD5
    MD5 compared: 50
    Incorrect MD5 checksums: 1


    Now, how do I know it is for sure bad, and if it is, how do I fix? Will a upcp fix it?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Are you running the latest rkhunter (v1.2.0) with the latest updates:

    rkhunter --update

    If you are, what OS are you running and what is the rpm installed version for sysklogd:

    rpm -q sysklogd
     
  3. noimad1

    noimad1 Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    627
    Likes Received:
    0
    Trophy Points:
    16

    Old version...good call. I thought we were running up to date versions on all systems, but this server had a really old version....

    Thanks!
     
  4. webits

    webits Well-Known Member

    Joined:
    May 15, 2004
    Messages:
    114
    Likes Received:
    0
    Trophy Points:
    16
    I'VE SAME problem with Rkhunter

    I've the latest Rkhunter

    I get the following Errors when i receive an e-mail :((

    /sbin/depmod [ BAD ]
    /sbin/insmod [ BAD ]
    /sbin/lsmod [ BAD ]
    /sbin/modinfo [ BAD ]
    /sbin/modprobe [ BAD ]

    - /usr/local/etc/rc.local [ Not found ]
    - /usr/local/etc/rc.d/rc.local [ Not found ]
    - /etc/conf.d/local.start [ Not found ]
    - /etc/init.d/boot.local [ Not found ]



    I'm using
    sysklogd-1.4.1-13

    can anyone help please.
     
    #4 webits, May 4, 2005
    Last edited: May 4, 2005
  5. eth00

    eth00 Well-Known Member
    PartnerNOC

    Joined:
    Mar 30, 2003
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    NC
    cPanel Access Level:
    Root Administrator
    Have you upgraded your kernel to a 2.6.x kernel recently OR attempted to? That looks like you installed modtools from source. It could be the sign up more problems but it also may not be.
     
  6. eth00

    eth00 Well-Known Member
    PartnerNOC

    Joined:
    Mar 30, 2003
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    NC
    cPanel Access Level:
    Root Administrator
    So you did update the module-tools? If so you are fine, that is just because rkhunter only recognizes the rpm version.
     
  7. webits

    webits Well-Known Member

    Joined:
    May 15, 2004
    Messages:
    114
    Likes Received:
    0
    Trophy Points:
    16
    Yeah tried to but didn't come right, I think I'll leave it in the hands of Proffesioanls to update
     
  8. eth00

    eth00 Well-Known Member
    PartnerNOC

    Joined:
    Mar 30, 2003
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    NC
    cPanel Access Level:
    Root Administrator
    So you did update the module-tools? If so you are fine, that is just because rkhunter only recognizes the rpm version and not the source version you installed.
     
Loading...

Share This Page