rkhunter-1.4.4-61.1.x86_64.rpm


Advertisement

Description

rkhunter - Rootkit Hunter Scans for Rootkits, Backdoors, and Local Exploits

Distribution: openSUSE 42.1
Repository: openSUSE Security all
Package name: rkhunter
Package version: 1.4.4
Package release: 61.1
Package architecture: x86_64
Package type: rpm
Installed size: 1.06 MB
Download size: 234.60 KB
Official Mirror: ftp.gwdg.de
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. This tool scans for rootkits, backdoors, and local exploits by running tests like: * Comparing MD5 hashes * Looking for default files used by rootkits * Checking for wrong file permissions for binaries * Looking for suspected strings in LKM and KLD modules * Looking for hidden files * Optionally scanning within plain text and binary files * Checking software versions * Testing applications

Alternatives

Requires

Provides

  • config(rkhunter) = 1.4.4-61.1
  • rkhunter = 1.4.4-61.1
  • rkhunter(x86-64) = 1.4.4-61.1

    Download

    Install Howto

    1. Add the openSUSE Security repository:
      # zypper addrepo http://ftp.gwdg.de/pub/opensuse/repositories/security/openSUSE_Leap_42.1/ opensuse-security
    2. Install rkhunter rpm package:
      # zypper install rkhunter

    Files

    • /etc/rkhunter.conf
    • /etc/cron.daily/suse.de-rkhunter
    • /etc/logrotate.d/rkhunter
    • /etc/rkhunter.d/00-opensuse.conf
    • /usr/bin/rkhunter
    • /usr/lib64/rkhunter/
    • /usr/lib64/rkhunter/scripts/check_modules.pl
    • /usr/lib64/rkhunter/scripts/filehashsha.pl
    • /usr/lib64/rkhunter/scripts/readlink.sh
    • /usr/lib64/rkhunter/scripts/stat.pl
    • /usr/share/doc/packages/rkhunter-1.4.4/ACKNOWLEDGMENTS
    • /usr/share/doc/packages/rkhunter-1.4.4/CHANGELOG
    • /usr/share/doc/packages/rkhunter-1.4.4/FAQ
    • /usr/share/doc/packages/rkhunter-1.4.4/LICENSE
    • /usr/share/doc/packages/rkhunter-1.4.4/README
    • /usr/share/doc/packages/rkhunter-1.4.4/README.SUSE
    • /usr/share/man/man8/rkhunter.8.gz
    • /var/adm/fillup-templates/sysconfig.rkhunter
    • /var/lib/rkhunter/
    • /var/lib/rkhunter/db/backdoorports.dat
    • /var/lib/rkhunter/db/mirrors.dat
    • /var/lib/rkhunter/db/programs_bad.dat
    • /var/lib/rkhunter/db/suspscan.dat
    • /var/lib/rkhunter/db/i18n/cn
    • /var/lib/rkhunter/db/i18n/de
    • /var/lib/rkhunter/db/i18n/en
    • /var/lib/rkhunter/db/i18n/ja
    • /var/lib/rkhunter/db/i18n/tr
    • /var/lib/rkhunter/db/i18n/tr.utf8
    • /var/lib/rkhunter/db/i18n/zh
    • /var/lib/rkhunter/db/i18n/zh.utf8
    • /var/lib/rkhunter/db/signatures/RKH_BillGates.ldb
    • /var/lib/rkhunter/db/signatures/RKH_Glubteba.ldb
    • /var/lib/rkhunter/db/signatures/RKH_MMD-0028-2014.ldb
    • /var/lib/rkhunter/db/signatures/RKH_dso.ldb
    • /var/lib/rkhunter/db/signatures/RKH_iptablex.ldb
    • /var/lib/rkhunter/db/signatures/RKH_jynx.ldb
    • /var/lib/rkhunter/db/signatures/RKH_kbeast.ldb
    • /var/lib/rkhunter/db/signatures/RKH_libkeyutils.ldb
    • /var/lib/rkhunter/db/signatures/RKH_libkeyutils1.ldb
    • /var/lib/rkhunter/db/signatures/RKH_libncom.ldb
    • /var/lib/rkhunter/db/signatures/RKH_pamunixtrojan.ldb
    • /var/lib/rkhunter/db/signatures/RKH_shv.ldb
    • /var/lib/rkhunter/db/signatures/RKH_sniffer.ldb
    • /var/lib/rkhunter/db/signatures/RKH_sshd.ldb
    • /var/lib/rkhunter/db/signatures/RKH_turtle.ldb
    • /var/lib/rkhunter/db/signatures/RKH_xsyslog.ldb
    • /var/lib/rkhunter/tmp/
    • /var/log/rkhunter.log

    Changelog

    2017-11-23 - rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)

    2017-07-03 - sven@uebelacker.net - upgrade to version 1.4.4 (29/06/2017) - Added the GLOBSTAR configuration file option. This will set the shells globstar option to allow recursive checks of directories. By default this option is disabled. - Added a Japanese translation file. - Added support for the 'BSDng' package manager option. This can be used by those *BSD systems which have the 'pkg' command available (currently later FreeBSD systems). - The BSD package manager will now try the 'pkg_info' command '-W' option if the '-F' option fails. - Added the LOCKDIR configuration option. It is now possible to specify the directory rkhunter will use to store the lock file (if USE_LOCKING has been set). The default is unset, and this will cause rkhunter to look for a directory to use. Details are in the configuration file. - Added the ALLOWIPCPROC configuration file option. This can be used to whitelist suspicious processes using shared memory segments (found during the 'ipc_shared_mem' check).

    2017-04-07 - saigkill@opensuse.org - whitelist /dev/shm/CAPI20* and /dev/shm/sem.CAPI20* (boo#1030378) - whitelist /usr/bin/.fipscheck.hmac (boo#1030378)

    2016-10-25 - meissner@suse.com - do not use /etc/SuSE-release anymore, fallback to generic /etc/os-release (bsc#1006382)

    2016-02-28 - bwiedemann@suse.com - Add rkhunter-grep-fix.patch to fix a bogus warning (boo#968578)

    2015-12-25 - mpluskal@suse.com - Add gpg signature

    2015-05-10 - VolkerKuhlmann@gmx.de - Default config file changed so APPEND_LOG was no longer activated. Add to /etc/rkhunter.d/00-opensuse.conf

    2015-05-10 - VolkerKuhlmann@gmx.de - Fix spec obliterating PKGMGR_NO_VRFY. This fixes bnc#926624 - Create /etc/rkhunter.d and put config added by rpm in a file in it. - Fix hideous way of spec adding config variables to a file.

    2015-04-05 - arun@gmx.de - specfile: * added ALLOWHIDENFILE /dev/.blkid.tab, /dev/.blkid.tab.old, and /etc/.updated

    2014-10-24 - Greg.Freemyer@gmail.com - update to v1.4.2 * See CHANGELOG at http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/files/CHANGELOG - change Source: field to full URL - change the spelling of README.SuSE to README.SUSE - delete patch rkhunter-1.4.0-crontab.patch, now upstream - add +%{_var}/lib/%{name}/db/signatures to %files section

    Advertisement
    Advertisement