Rkhunter have released a new version of the root kit scanner:http://sourceforge.net/forum/forum.php?forum_id=1050043Upgrade for our service package:
wget http://prdownloads.sourceforge.net/rkhunter/rkhunter-1.3.6.tar.gztar -xzf rkhunter*cd rkhunter-*./installer.sh –layout default –install
It does appear to currently throw a false-positive on CentOS v4.8 systems, but you should check this:
Warning: Checking for possible rootkit strings
Changes:
- Fixed broken image icon in the WHM header
- Switched to a proportional font to display the mod_security log entries to better fit the browser window
- Increased the lines per mod_security log lines to display from 40 to 200
- Fixed a display formatting issue with the mod_security log entries
Changes:
- Improved licensing code tolerance on network failure for web and ftp scanning on servers that are behind NAT
- Exploit regex definitions database updates
- Exploit fingerprint definitions database updates
- Ftp and web scanning speedups
Changes:
- Updated exploit definitions database
- Exploit fingerprint definitions database additions
Changes:
- Updated exploit definitions database
- Exploit fingerprint definitions database additions
Changes:
- Fixed issue with pure-uploadscript restart on cron job cxs upgrade
- Exploit fingerprint definitions database additions
Changes:
- Improved UI detection of the quarantine directory in cxsftp.sh and cxscgi.sh if used