Re: rkhunter log stops in the middle
FWIW, somewhere in the last five days, rkhunter started leaving full
logs again. It may have been after the last apt-get update/upgrade
pulled in some updates for clam, which I haven't really been doing
very much with.
On Tue, Aug 14, 2012 at 10:03 AM, Joel Rees <joel.rees@gmail.com> wrote:
> On 8/14/12, Joel Rees <joel.rees@gmail.com> wrote:
>> I booted this morning, and it stopped fairly early in the boot process
>> and hung up.
>>
>> Booted again and looked at some of the logs, and there are only three
>> screens of info messages in the rkhunter logs, the last message cut
>> off in the middle. (It's morning here, I'm not thinking clearly, yet.)
>
> ---------------------------------
> $ cat rk*
> [06:04:19] Info: Found the 'readlink' command: /bin/readlink
> [06:04:19] Info: Found the 'sort' command: /usr/bin/sort
> [06:04:20] Info: Found the 'stat' command: /usr/bin/stat
> [06:04:20] Info: Found the 'strings' command: /usr/bin/strings
> [06:04:20] Info: Found the 'uniq' command: /usr/bin/uniq
> [06:04:20] Info: System is not using prelinking
> [06:04:20] Info: Using the '/usr/bin/sha1sum' command for the file hash checks
> [06:04:20] Info: Stored hash values used hash function '/usr/bin/sha1sum'
> [06:04:20] Info: Stored hash values did not use a package manager
> [06:04:20] Info: The hash function field in
> ----------------------------------
>
> And, now that I notice the time, rkhunter has not run since that first
> boot up this morning. (But the one that froze or the one that made it
> to an X11 session? I need to go back and check.)
>
>> I'm going to vacuum the thing out (it's about that time again), but
>> should I be worried about the reason rkhunter didn't complete? As in,
>> a root kit trying to prevent discovery.
>
> Vacuumed the dust out, reseated boards and controller cables, etc. No change.
>
> --
> Joel Rees
--
--
Joel Rees
Reply to: