Results 1 to 3 of 3

Thread: Configuring "rkhunter"

  1. #1

    Default Configuring "rkhunter"

    Hey!
    My learning continues with OpenSUSE. Now I need help with the following "problems".

    I have a mix of OpenSUSE and Windows computers in my network, all behind a firewall (Sophus UTM) that uses VPN (through an ASUS router) to access the Internet.

    My question is:
    How do I configure "rkhunter" to get the best protection on my computer? Automatically if there is a possibility.

    How do I do, all configuration tips and referrals are needed and appreciated?

    / Roland

  2. #2
    Join Date
    May 2012
    Location
    Finland
    Posts
    2,004

    Default Re: Configuring "rkhunter"

    On openSUSE 42.3:

    zypper in -y rkhunter

    This will install a cronjob as: /etc/cron.daily/suse.de-rkhunter

    Then edit /etc/sysconfig/rkhunter

    and change
    CRON_DB_UPDATE="no"
    to
    CRON_DB_UPDATE="yes"

    Now you have nightly automated rootkit scans + database updates.
    .: miuku #suse @ irc.freenode.net
    :: miuku@opensuse.org

    .: h​ttps://download.opensuse.org/repositories/home:/Miuku/

  3. #3
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,153
    Blog Entries
    2

    Default Re: Configuring "rkhunter"

    A lot has been written about the limitations of rkhunter.
    There are a great many rootkits, and rkhunter is only able to find some.

    Better is prevention by understanding what is required to insert a rootkit and addressing those attack vectors, although scanning should not be overlooked depending on your requirements.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •