Difference between revisions of "Rkhunter"

From CBLFS
Jump to navigationJump to search
(Added page.)
 
(Patch to allow FHS compliant install and CLFS support.)
Line 3: Line 3:
 
!Download Source:
 
!Download Source:
 
|http://downloads.sourceforge.net/rkhunter/rkhunter-{{Rkhunter-Version}}.tar.gz
 
|http://downloads.sourceforge.net/rkhunter/rkhunter-{{Rkhunter-Version}}.tar.gz
 +
|-
 +
!Download Patch:
 +
|http://svn.cross-lfs.org/svn/repos/patches/rkhunter/rkhunter-{{Rkhunter-Version}}-fhscomply-1.patch
 +
|-
 +
!Download Patch:
 +
|http://svn.cross-lfs.org/svn/repos/patches/rkhunter/rkhunter-{{Rkhunter-Version}}-CLFSSupport-1.patch
 
|}
 
|}
  
Line 10: Line 16:
  
 
== Dependencies ==
 
== Dependencies ==
 +
 +
=== Required ===
 +
* [[wget]]
  
 
=== Recommended ===
 
=== Recommended ===
 
 
* [[fcron]]
 
* [[fcron]]
  
 
=== Optional ===
 
=== Optional ===
 
 
* [[NetTools]]
 
* [[NetTools]]
  
 
== Non-Multilib or Multilib ==
 
== Non-Multilib or Multilib ==
  
Run the install script as a privileged user to install rkhunter.
+
{{Note|You must apply the fhscomply patch to use the installer script flags.}}
 +
 
 +
Apply the patch that allows user-defined installation paths and provides OS support for CLFS:
  
  ./installer.sh --installdir /usr
+
  patch -Np1 -i ../rkhunter-1.2.9-fhscomply-1.patch &&
 +
patch -Np1 -i ../rkhunter-1.2.9-CLFSSupport-1.patch
  
The rkhunter script is installed in /usr/local/bin even if the --installdir flag is passed to the installer. Move the script to /usr/bin:
+
Run the install script as a privileged user to install rkhunter.
  
  mv -v /usr/local/bin/rkhunter /usr/bin
+
  ./installer.sh --installdir /usr --sysconfdir /etc
  
 
== Configuring ==
 
== Configuring ==
  
The rkhunter configuration file is installed in /usr/local/etc even if the --installdir flag is passed to the installer.  Yet the rkhunter script itself looks for the configuration file in /etc firstMove the script to /etc:
+
Update the supported OS database and then add the CLFS-1.0.0 support for checking system tools.
 +
 
 +
rkhunter --update &&
 +
echo "991:Cross Linux from Scratch 1.0.0 (x86_64):/usr/bin/md5sum:/bin:" >> /etc/rkhunter/db/os.dat &&
 +
  echo "992:Cross Linux from Scratch 1.0.0 (i386):/usr/bin/md5sum:/bin:" >> /etc/rkhunter/db/os.dat
  
  mv -v /usr/local/etc/rkhunter.conf /etc
+
Runtime options are defined in the rkhunter configuration file. Edit this file to change the behavior of rkhunter.
  
Runtime options are defined in the rkhunter configuration file.  Edit this file to change the behavior of rkhunter.  Add entries to your crontab to periodically run rkhunter.
+
Add entries to your (f)crontab to periodically run rkhunter.
  
 
  # Run rkhunter update every Friday at 2:00 am.
 
  # Run rkhunter update every Friday at 2:00 am.
Line 44: Line 58:
 
== Contents ==
 
== Contents ==
  
{| style="text-align: left;"
+
{|style="text-align: left;"
 
|-valign="top"
 
|-valign="top"
 
!Installed Directories:
 
!Installed Directories:
|/usr/lib/rkhunter
+
|/usr/lib/rkhunter, /etc/rkhunter
 
|-valign="top"
 
|-valign="top"
 
!Installed Programs:
 
!Installed Programs:

Revision as of 17:15, 8 June 2007

Download Source: http://downloads.sourceforge.net/rkhunter/rkhunter-1.3.2.tar.gz
Download Patch: http://svn.cross-lfs.org/svn/repos/patches/rkhunter/rkhunter-1.3.2-fhscomply-1.patch
Download Patch: http://svn.cross-lfs.org/svn/repos/patches/rkhunter/rkhunter-1.3.2-CLFSSupport-1.patch

Introduction to Rkhunter

rkhunter is a security monitoring and analyzing tool.

Project Homepage: http://rkhunter.sourceforge.net/index.html#about

Dependencies

Required

Recommended

Optional

Non-Multilib or Multilib

Caution.png

Note

You must apply the fhscomply patch to use the installer script flags.

Apply the patch that allows user-defined installation paths and provides OS support for CLFS:

patch -Np1 -i ../rkhunter-1.2.9-fhscomply-1.patch &&
patch -Np1 -i ../rkhunter-1.2.9-CLFSSupport-1.patch

Run the install script as a privileged user to install rkhunter.

./installer.sh --installdir /usr --sysconfdir /etc

Configuring

Update the supported OS database and then add the CLFS-1.0.0 support for checking system tools.

rkhunter --update &&
echo "991:Cross Linux from Scratch 1.0.0 (x86_64):/usr/bin/md5sum:/bin:" >> /etc/rkhunter/db/os.dat &&
echo "992:Cross Linux from Scratch 1.0.0 (i386):/usr/bin/md5sum:/bin:" >> /etc/rkhunter/db/os.dat

Runtime options are defined in the rkhunter configuration file. Edit this file to change the behavior of rkhunter.

Add entries to your (f)crontab to periodically run rkhunter.

# Run rkhunter update every Friday at 2:00 am.
& 00 02 * * fri /usr/bin/rkhunter --update
# Run rkhunter as a cronjob every Friday at 3:00 am.
& 00 03 * * fri /usr/bin/rkhunter --cronjob

Contents

Installed Directories: /usr/lib/rkhunter, /etc/rkhunter
Installed Programs: rkhunter

Short Descriptions

rkhunter is a script for security monitoring and analyses of your system.
Retrieved from "?title=Rkhunter&oldid=10207"