Changes

Changes

1,504 bytes added , 07:11, 25 July 2022

no edit summary

Line 1: Line 1:

−

~~=Rkhunter SSH for SME7=~~

=Rkhunter=

=== Maintainer ===

[http://smeserver.pialasse.com/ Unnilennium aka Jean-Philippe PIALASSE] (Contrib)

Line 14: Line 15:

=== Installation ===

/usr/bin/yum install smeserver-rkhunter --enablerepo=smecontribs

</tab>

# Log in (with username root) to the SMEserver console.

−

# Install smeserver-Rkhunter<pre>/usr/bin/yum install smeserver-rkhunter --enablerepo=smecontribs</pre> You will get a y/N-question, answer y if it looks fine. There is no need to reboot the server.

# Install smeserver-Rkhunter<pre>/usr/bin/yum install smeserver-rkhunter --enablerepo=smecontribs</pre> You will get a y/N-question, answer y if it looks fine. There is no need to reboot the server. Note: for SME10, you need to add the epel repository to get the latest rkhunter:<pre>/usr/bin/yum install smeserver-rkhunter --enablerepo=smecontribs,epel</pre>

# you should then issue:

signal-event remoteaccess-update

−

</tab>

</tabs>

Alternatively you can use the server-manager panel "Software installer" to add a new package and select smeserver-Rkhunter (repo smecontribs must be enabled) then do the reconfiguration and reboot task, instead of steps 1 and 2, then refresh your browser and configure Rkhunter,.

−

=== Editing configuration ===

Line 32: Line 38:

to set a new value just issue ( where you change VALUE and OPTION by the appropriate data):

db configuration setprop rkhunter OPTION VALUE

−

signal-event remoteaccess-update

−

~~====DIAG_SCAN====~~

−

~~set to yes or no, default : '''no'''~~

−

====DisableTests====

here you can set a string of disabled tests separated by ","(default is '''apps,suspscan,system_commands''')

Line 41: Line 44:

as an example you can avoid alert about deleted file by adding ''',deleted_files''' ( see bug [SME: 3830])

−

see rkhunter doc for more informations

see [http://rkhunter.sourceforge.net/ rkhunter ] doc for more informations

====mail====

allow to set the mail where you want to send daily report, default is blank for "'''root'''"

config setprop rkhunter mail toto@toto.com

signal-event remoteaccess-update

====DIAG_SCAN====

default is blank

* no - perform normal report scan (default)

* yes - perform detailed report scan (includes application check)

config setprop rkhunter DIAG_SCAN yes

signal-event remoteaccess-update

====mailWarn====

recipient to send a mail in case of warning. Default is empty.

for example

config setprop rkhunter mailWarn toto@toto.com

signal-event remoteaccess-update

====status====

active or deactivate rkhunter : enabled (default)/ '''disabled'''

config setprop rkhunter status disabled

signal-event remoteaccess-update

====updateMirrors=====

This configuration was removed for SME10 version >= 6 as the issue has been resolved in the rkhunter code.

−

~~====status====~~

<del>enabled or disabled (default is empty for disabled.

−

~~active~~ or ~~deactivate rkhunter : activated / '''deactivated'''~~(default)

As per issue CVE-2017-7480 you should keep this as disabled !</del>

=== Uninstall ===

Line 62: Line 86:

=== Check installed version ===

−

yum info installed smeserver-~~Rkhunter~~

yum info installed smeserver-rkhunter

=== Bugs===

Please raise bugs under the SME Contribs section in {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-rkhunter|title=bugzilla}}.

{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-rkhunter|noresultsmessage="No open bugs found."}}

===Changelog===

Only released version in smecontrib are listed here.

----

Unnilennium

Super Admin, Wiki & Docs Team, Bureaucrats, Interface administrators, Administrators

3,250

edits

Retrieved from "https://wiki.koozali.org/Special:MobileDiff/26453...41475"

Rkhunter (view source)

Revision as of 07:11, 25 July 2022

Navigation menu

Search