FWIW, somewhere in the last five days, rkhunter started leaving full logs again. It may have been after the last apt-get update/upgrade pulled in some updates for clam, which I haven't really been doing very much with.
On Tue, Aug 14, 2012 at 10:03 AM, Joel Rees <joel.r...@gmail.com> wrote: > On 8/14/12, Joel Rees <joel.r...@gmail.com> wrote: >> I booted this morning, and it stopped fairly early in the boot process >> and hung up. >> >> Booted again and looked at some of the logs, and there are only three >> screens of info messages in the rkhunter logs, the last message cut >> off in the middle. (It's morning here, I'm not thinking clearly, yet.) > > --------------------------------- > $ cat rk* > [06:04:19] Info: Found the 'readlink' command: /bin/readlink > [06:04:19] Info: Found the 'sort' command: /usr/bin/sort > [06:04:20] Info: Found the 'stat' command: /usr/bin/stat > [06:04:20] Info: Found the 'strings' command: /usr/bin/strings > [06:04:20] Info: Found the 'uniq' command: /usr/bin/uniq > [06:04:20] Info: System is not using prelinking > [06:04:20] Info: Using the '/usr/bin/sha1sum' command for the file hash checks > [06:04:20] Info: Stored hash values used hash function '/usr/bin/sha1sum' > [06:04:20] Info: Stored hash values did not use a package manager > [06:04:20] Info: The hash function field in > ---------------------------------- > > And, now that I notice the time, rkhunter has not run since that first > boot up this morning. (But the one that froze or the one that made it > to an X11 session? I need to go back and check.) > >> I'm going to vacuum the thing out (it's about that time again), but >> should I be worried about the reason rkhunter didn't complete? As in, >> a root kit trying to prevent discovery. > > Vacuumed the dust out, reseated boards and controller cables, etc. No change. > > -- > Joel Rees -- -- Joel Rees -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAAr43iPecVruR-NyJmQ7J=mtto-u5bvq+9yacxs+vn15fmy...@mail.gmail.com
