Linux Mint Forums

[mintero]

Hi,
I am looking for a good antispyware, for rootkits, trojans etc.
I searched in synaptic by keywords, I googled and I used also this url:
http://sectools.org/

There are a lot of them and that's the problem. I dont know which one to choose

Have you something good to recommend me? I am experiencing some of them at the same time. My feeling is that samhain could be a good one, but I am not sure...


Thanks in advance

[|_NiGhTmArE_|]

for rootkits, backdoors and local exploits I use rkhunter

as IDS (Intrusion Detection Systems) I use snort

[npap]

Hi,
I am looking for a good antispyware, for rootkits, trojans etc.
I searched in synaptic by keywords, I googled and I used also this url:
http://sectools.org/

There are a lot of them and that's the problem. I dont know which one to choose

Have you something good to recommend me? I am experiencing some of them at the same time. My feeling is that samhain could be a good one, but I am not sure...


Thanks in advance

Hello mintero,
Thanks for the link. It's a very useful site for hacking software.
BTW I got rkhunter with Synaptic. I'm anxious to see the warez I'm infested with

[mintero]

for rootkits, backdoors and local exploits I use rkhunter

as IDS (Intrusion Detection Systems) I use snort

Thank you

Hello mintero,
Thanks for the link. It's a very useful site for hacking software.
BTW I got rkhunter with Synaptic. I'm anxious to see the warez I'm infested with

Yasou, file, nasai kala

You can make a launcher or a menu entry with the command:

x-terminal-emulator -e sudo rkhunter -c (to see all scannings)
or
x-terminal-emulator -e sudo rkhunter -c --quiet (to see only the results)

[npap]

Thank you so much mintero!
You saved the day my friend. After downloading the program I didn't know what to do with it
Your instructions solved my problem. I was waiting to see a GUI, virus scan type.
But I couldn't find it anywhere.
The second command didn't work for me. I got a blanc Terminal as a result..
The scan was OK, but I wonder if you can save the results.

Oh! My son will love the site that you suggested! He is crazy about that stuff.
BTW, Do I have the honor to be talking to a compadre?

Yassou, and greetings from Greece!

[mintero]

The second command didn't work for me. I got a blanc Terminal as a result..
The scan was OK, but I wonder if you can save the results.

The second command works well for me. The aim of this command is to show only the final results. The scannings are performed while you're having that blank terminal. So you have to wait a little...

You can save the results if you add the option --createlogfile at the end of the command.
Then you go to System->Administration->System Log
You click File->Open and you look for rkhunter.log in order to add it to the default logfiles of System Log

BTW, Do I have the honor to be talking to a compadre?

Yassou, and greetings from Greece!

I am greek living in France, so ...heretismous apo Gallia

[npap]

Bon soir mon ami,
Euxaristw pollí. This malware detection program is great. I did apply your suggestions and I found my PC to be clean. I am running Bianca with all the updates BTW.
Glad to see another Greek here.
You are invited to visit Random>The Mint Café, for a virtual Mint cocktail.

Bonne nuit, npap

[Negen]

i had a mint cocktail once it was a martini at the air port 15$ (she did give me the second one for free as she would have thrown it out becouse she made more than she should have in the mixer though.) they charged me i think it was a windows based cocktail i think linuxmint cocktail is much better as it is free.

[mumbo719]

You can make a launcher or a menu entry with the command:

x-terminal-emulator -e sudo rkhunter -c (to see all scannings)
or
x-terminal-emulator -e sudo rkhunter -c --quiet (to see only the results)[/quote]

Greetings and thank you for the tip.

Do you run rkhunter daily on start up or just once in a while?

Do you have a good way to run it daily?

I am not Greek but living near Tarpon Springs FL has given me an appreciation for OPA!!!, Pastitso, Mousaka, Dolmades, etc.

[mintero]

Greetings and thank you for the tip.

Do you run rkhunter daily on start up or just once in a while?

Do you have a good way to run it daily?

I never used rkhunter before and I dont know how it works in auto mode.

There are some things that I dont understand:

In /etc/default/rkhunter it's mentionned that it runs once a day and it makes updates once a week. But if you search the package in synaptic and click Package->Configure, the options Run Daily and Update Weekly are not checked.

Another point is that rkhunter depends on a MTA (mail transfer agent). In its dependancies exim4 is prioritary and synaptic installs it, but in the /etc/cron.daily/rkhunter , sendmail is mentionned instead.

Warning reports are mentionned in two config files: /etc/rkhunter.conf and /etc/default/rkhunter and are a little confusing. For example, if I replace "root" by my_account_name, will I be warned in case of problem?

Well, I fixed these problems using the common sense, because I didnt find responses on their site. However, I am not sure that the auto mode works as I can't verify it. So I run rkhunter manually for sure.

[pr3@ch3r]

You can actually run rkhunter as a cron script. You can read the readme in rkhunter and then man crontab / man cron to figure it out. Ive never actually done it myself but Ive been told between those 3 sources of info its fairly easy. This will be probably the only way to get rkhunter to run automatically. You can have it then email root with the results, though Im not sure if you can get them to display within X once the scan is done. Cheers!