WPML not installed and activated.

RkHunter autoconfig

By spl on 14 mai 2013 in Côté serveur, Notes
0
0

Inspiré de l’excellent Rootkit hunter sur Debian et très légèrement modifié pour wheezy.

command sed -i -e 's|^[#]*\(ALLOWHIDDENDIR="/dev/.udev"\)$|\1|' \
-e 's|^[#]*\(ALLOWHIDDENDIR="/dev/.static"\)$|\1|' \
-e 's|^[#]*\(ALLOWHIDDENDIR="/dev/.initramfs"\)$|\1|' \
"/etc/rkhunter.conf"
if [ -e "/etc/.java" ]; then
command sed -i -e 's|^[#]*\(ALLOWHIDDENDIR="/etc/.java"\)$|\1|' \
"/etc/rkhunter.conf"
fi
if [ -x "/sbin/mdadm" ]; then
command sed -i -e 's|^[#]*\(ALLOWHIDDENDIR="/dev/.mdadm"\)$|\1|' \
"/etc/rkhunter.conf"
fi
if [ -x "/sbin/hdparm" ]; then
command sed -i -e 's|^[#]*\(RTKT_FILE_WHITELIST="\)\(.*\)$|\1/etc/init.d/.depend.boot /etc/init.d/hdparm\2|' \
"/etc/rkhunter.conf"
fi
command sed -i -e '0,/ALLOWHIDDENFILE/{//a\
ALLOWHIDDENFILE="/dev/.tmp-block-*"
;}' \
"/etc/rkhunter.conf"
if [ -e "/dev/shm/network/ifstate" ]; then
command sed -i -e '0,/ALLOWDEVFILE/{//a\
"ALLOWDEVFILE=/dev/shm/network/ifstate"
;}' \
"/etc/rkhunter.conf"
fi
if [ -n "$(command apt-cache show ssh | command grep "5.1p1")" ]; then
command sed -i -e 's|^[#]*\(APP_WHITELIST=\).*$|\1"exim:4.69 gpg:1.4.9 openssl:0.9.8g sshd:5.1p1"|' \
"/etc/rkhunter.conf"
fi
if [ -n "$(command apt-cache show ssh | command grep "5.5p1")" ]; then
command sed -i -e 's|^[#]*\(APP_WHITELIST=\).*$|\1"gpg:1.4.10 openssl:0.9.8o sshd:5.5p1"|' \
"/etc/rkhunter.conf"
fi
SSH_ROOT_ALLOWED=no
TEST_ROOT_ALLOWED=$(/bin/grep -i "PermitRootLogin.*yes" /etc/ssh/sshd_config)
if [ -n "$TEST_ROOT_ALLOWED" ]; then
SSH_ROOT_ALLOWED=yes
fi
command sed -i \
-e "s|^[#]*\\(ALLOW_SSH_ROOT_USER=\\).*$|\\1${SSH_ROOT_ALLOWED}|" \
"/etc/rkhunter.conf"
command sed -i -e 's|^[#]*\(HASH_FUNC=\).*$|\1md5sum|' \
-e 's|^[#]*\(PKGMGR=\).*$|\1DPKG|' \
"/etc/rkhunter.conf"
command echo '// Update rkhunter file signatures databases after running dpkg.
DPkg::Post-Invoke {
"if [ -x /usr/bin/rkhunter ]; then if [ $(/usr/bin/rkhunter --help | /bin/grep "propupd" | /usr/bin/wc -l) -gt 0 ]; then /usr/bin/rkhunter --propupd; fi; fi";
};' > '/etc/apt/apt.conf.d/90rkhunter'
command rkhunter --propupdate
command rkhunter --update

# check de la config
command rkhunter --configfile /etc/rkhunter.conf --report-warnings-only --checkall

 

spl

About the Author

splView all posts by spl
Loading Facebook Comments ...

0 Comments

Add comment

Leave a Reply

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

*

CommentLuv badge