
My PC and rkhunter.


2 replies to this topic

#1 dannyboy950


Posted 23 March 2016 - 01:55 PM

Once I actually got it to run and complete its scan. That was enough for my experiment.

However it brought up the fact of my not being able to open and read the log file.

This may be of some interest to others so I opened this thread for them to be able to discuss it.

 

Enjoy. One question that might be asked is where that log file is kept. Within the program run under terminal it says it should be in the root of the directory where rkhunter resides. If rkhunter is command line and called up by terminal, I could not access it from terminal [possibly used wrong command]. That said, what directory would it be in and how to call up the proper path to the file.

 

Ok next batter up. lol


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinnamon



 


#2 mremski


Posted 23 March 2016 - 03:52 PM

From a terminal window, enter the following command:

 

which rkhunter

 

That should tell you which directory it's in.

 

But I'm going to guess that the log file is over in /var/log/rkhunter.log (/var/log is the typical directory for log files).

 

To take a look at it you could do the following from a terminal window:

 

sudo cat /var/log/rkhunter.log

 

Someone else can help with the graphical way of looking at it.


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer


#3 wizardfromoz


Posted 23 March 2016 - 05:55 PM

And that would be ... me?

 

The following, I posted at the OP's previous Topic "Migrating to Linux...", specifically, here -

 

http://www.bleepingcomputer.com/forums/t/607652/migrateing-to-linux-doing-a-lot-of-reading-here/?p=3962050

 

which said:

 

 

 

Retrace your steps into Cinnamon's File Manager, known as Nemo (you can find that if you click Help-About). Down to File System and over to the Var folder, as you have done previously.

 

Now at Var, or at its next level down, where folder Log resides, stop for a moment. Right-click Var or Log and choose "open as root", and enter your password. If you do this at Var, you don't need to do it again at Log. You only need to do it at one level above the information you wish to see or data and files/folders you wish to manipulate.

 

You will have a new Window opened, likely including a red strip about elevated privileges. Proceed to where rkhunter.log is and you will find it no longer has a cross over it.

 

Double-click and the file will open. You can either wade through it all (may be 1,700 lines or more, as it is with me, rather daunting?) or fast-track to the warnings.

 

Ctrl-end will take you to the last line of the file, and clicking that line will tell you how many lines in your status bar.

 

A few lines above that is likely to be where your warnings are. In my case I had 5-6 lines.

 

If you can't see the warnings that easily, then Ctrl-Home to the start of the file, press Ctrl-F for Find, and enter "warning" and go from there.

 

The applet you are in while you are reading is called gedit (in Cinnamon and in Ubuntu Unity and some others). It is an unformatted text editor such as Notepad is in Windows.

 

When you are finished and exit, and close down the elevated privileges window of Nemo, the root privileges will be restored on what you have left.

 

I can illustrate that with screenshots if asked, put them in a spoiler, whatever.

 

For the references to Cinnamon and its File Manager (FM) Nemo, the user can substitute his own FM under his own Distro.

 

Different Distros use different protocols as to whether they provide the facility to right-click and open as Administrator/Root, and some, not at all. If you are in that situation, then simply start your FM as Root and proceed from there. This can be done from Terminal, typing in e.g.

gksu thunar

... where Thunar is your File Manager. You are prompted for your password, enter it and away you go.

 

The above is valid for Debian-based Distros - RPM and other families may differ slightly in syntax.

 

 

 

:wizardball: Wizard
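
The two steps discussed in this thread, finding where the log lives and fast-tracking to its warnings, as an added shell example that is not part of any post above. The function names are hypothetical, the sample log is constructed in rkhunter's layout, and it assumes the log path is set by a LOGFILE= line in /etc/rkhunter.conf, with /var/log/rkhunter.log as the fallback.

```shell
#!/bin/sh
# Added example: find rkhunter's log file and list the warnings in it.

# Log path set by LOGFILE= in an rkhunter config file; falls back to the
# common default when the file is missing or has no such line.
rkh_logfile() {
    path=$(sed -n 's/^[[:space:]]*LOGFILE=[[:space:]]*//p' "${1:-/etc/rkhunter.conf}" 2>/dev/null | tail -n 1)
    printf '%s\n' "${path:-/var/log/rkhunter.log}"
}

# "line-number: text" for each "[hh:mm:ss] Warning: ..." detail line.
# The "[ Warning ]" status column of a check line is deliberately not matched.
rkh_warnings() {
    awk 'tolower($0) ~ /^\[[0-9:]+\][ \t]+warning:/ { printf "%d: %s\n", NR, $0 }' "$1"
}

rkh_warning_count() { rkh_warnings "$1" | wc -l | tr -d ' '; }

# Constructed sample in rkhunter's log layout (not output from a real scan).
rkh_sample_log() {
    cat > "$1" <<'EOF'
[10:15:01] Info: Starting test name 'properties'
[10:15:02]   /usr/bin/lwp-request                         [ Warning ]
[10:15:02] Warning: The command '/usr/bin/lwp-request' has been replaced by a script
[10:15:40] Checking for hidden files and directories      [ Warning ]
[10:15:40] Warning: Hidden directory found: /etc/.java
[10:16:30] System checks summary
[10:16:30] Suspect files: 1
EOF
}

# With no argument, demonstrate on the sample; otherwise read the given log.
log=${1:-}
if [ -z "$log" ]; then
    log=$(mktemp) && rkh_sample_log "$log"
fi
echo "log file: $log ($(rkh_warning_count "$log") warning(s))"
rkh_warnings "$log"
```

The real log is normally readable only by root, so to use this on it, run the script with sudo and pass the log path as the first argument.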





