ports/70149: [maintainer update] Update port: security/rkhunter Rootkit detection tool
bugghy
bugghy at phenix.rootshell.be
Sat Aug 7 22:00:41 UTC 2004
>Number: 70149
>Category: ports
>Synopsis: [maintainer update] Update port: security/rkhunter Rootkit detection tool
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Sat Aug 07 22:00:41 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: bugghy <bugghy at rootshell.be>
>Release: FreeBSD 5.2.1-RELEASE-p9 i386
>Organization:
>Environment:
System: FreeBSD illusion.com 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 #5: Thu Aug 5 00:54:05 GMT 2004 root at illusion.com:/usr/obj/usr/src/sys/BUGNERIC i386
>Description:
Rootkit Hunter is scanning tool to ensure you for about 99.9% you're
clean of nasty tools.
This tool scans for rootkits, backdoors and local exploits by running
tests like:
- MD5/SHA1 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
>How-To-Repeat:
>Fix:
diff -ruN rkhunter-old/Makefile rkhunter/Makefile
--- rkhunter-old/Makefile Mon Jul 26 17:54:49 2004
+++ rkhunter/Makefile Sun Aug 8 00:10:09 2004
@@ -6,11 +6,11 @@
#
PORTNAME= rkhunter
-PORTVERSION= 1.1.3
+PORTVERSION= 1.1.4
CATEGORIES= security
MASTER_SITES= http://downloads.rootkit.nl/
-MAINTAINER= ports at FreeBSD.org
+MAINTAINER= bugghy at SAFe-mail.net
COMMENT= Rootkit detection tool
RUN_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/Digest/SHA1.pm:${PORTSDIR}/security/p5-Digest-SHA1
diff -ruN rkhunter-old/distinfo rkhunter/distinfo
--- rkhunter-old/distinfo Mon Jul 26 17:54:49 2004
+++ rkhunter/distinfo Sun Aug 8 00:08:51 2004
@@ -1,2 +1,2 @@
-MD5 (rkhunter-1.1.3.tar.gz) = 62271204de0fa0d2bf1b8489b1458dc7
-SIZE (rkhunter-1.1.3.tar.gz) = 98309
+MD5 (rkhunter-1.1.4.tar.gz) = 08938c110c8363c62c82dad0571517d0
+SIZE (rkhunter-1.1.4.tar.gz) = 102147
diff -ruN rkhunter-old/files/patch-installer.sh rkhunter/files/patch-installer.sh
--- rkhunter-old/files/patch-installer.sh Sun Jul 25 21:23:48 2004
+++ rkhunter/files/patch-installer.sh Sun Aug 8 00:22:35 2004
@@ -1,22 +1,7 @@
---- installer.sh.orig Sun Jul 25 16:20:28 2004
-+++ installer.sh Sun Jul 25 17:19:48 2004
-@@ -69,6 +69,7 @@
- ;;
- *)
- echo "Wrong parameter"
-+ exit
- ;;
- esac
- shift
-@@ -111,21 +112,18 @@
- overwrite:check_port.pl:/scripts/check_port.pl:Portscanner
- overwrite:filehashmd5.pl:/scripts/filehashmd5.pl:MD5%%Digest%%generator
- overwrite:filehashsha1.pl:/scripts/filehashsha1.pl:SHA1%%Digest%%generator
--verwrite:showfiles.pl:/scripts/showfiles.pl:Directory%%viewer
-+overwrite:showfiles.pl:/scripts/showfiles.pl:Directory%%viewer
- overwrite:backdoorports.dat:/db/backdoorports.dat:Database%%Backdoor%%ports
- overwrite:mirrors.dat:/db/mirrors.dat:Database%%Update%%mirrors
- overwrite:os.dat:/db/os.dat:Database%%Operating%%Systems
+--- installer.sh.old Sun Aug 8 00:16:28 2004
++++ installer.sh Sun Aug 8 00:21:52 2004
+@@ -120,15 +120,12 @@
+ overwrite:programs_good.dat:/db/programs_good.dat:Database%%Program%%versions
overwrite:defaulthashes.dat:/db/defaulthashes.dat:Database%%Default%%file%%hashes
overwrite:md5blacklist.dat:/db/md5blacklist.dat:Database%%MD5%%blacklisted%%files
-overwrite:CHANGELOG:/docs/CHANGELOG:Changelog
@@ -33,7 +18,7 @@
"
# Create directories (only if they do not exist)
-@@ -134,10 +132,7 @@
+@@ -137,10 +134,7 @@
${INSTALLDIR}/etc
${INSTALLDIR}/bin
${INSTALLDIR}/lib/rkhunter/db
@@ -44,16 +29,17 @@
"
CHECKDIR="/usr/local"
-@@ -345,8 +340,6 @@
+@@ -347,9 +341,6 @@
+ #################################################################################
- # Clean active window
+-# Clean active window
-clear
-
echo "${INSTALLER_NAME} ${INSTALLER_VERSION} (${INSTALLER_COPYRIGHT})"
echo $ECHOOPT "---------------"
echo "Starting installation/update"
-@@ -467,7 +460,7 @@
+@@ -470,7 +461,7 @@
if [ -f ${INSTALLPREFIX}${CURFILE} ]
then
#error redirection in .rkhunter it's just for a clear display if user run not as root
@@ -62,7 +48,7 @@
if [ $? -eq 0 ]
then
echo $E "OK"
-@@ -482,10 +475,10 @@
+@@ -485,10 +476,10 @@
done
@@ -75,7 +61,7 @@
echo "Configuration updated with installation path (${INSTALLDIR})"
else
echo "Configuration already updated."
-@@ -495,7 +488,7 @@
+@@ -498,7 +489,7 @@
then
echo ""
echo $E "$t17"
diff -ruN rkhunter-old/files/patch-os.dat rkhunter/files/patch-os.dat
--- rkhunter-old/files/patch-os.dat Tue Jul 27 20:28:18 2004
+++ rkhunter/files/patch-os.dat Thu Jan 1 00:00:00 1970
@@ -1,12 +0,0 @@
-$FreeBSD: ports/security/rkhunter/files/patch-os.dat,v 1.1 2004/07/27 20:28:18 glewis Exp $
-
---- files/os.dat.orig Mon Jul 26 13:37:35 2004
-+++ files/os.dat Mon Jul 26 13:38:02 2004
-@@ -69,6 +69,7 @@
- 207:OpenBSD 3.4 (i386):/bin/md5:/usr/local/bin:
- 208:FreeBSD 4.9 (i386):/sbin/md5 -q:/usr/local/bin:
- 209:FreeBSD 5.2.1 (i386):/sbin/md5 -q:/usr/local/bin:
-+210:FreeBSD 4.10 (i386):/sbin/md5 -q:/usr/local/bin:
- 300:Sun Solaris 8 (sparc):/bin/ls:/bin:
- 400:IBM AIX 5.4:/bin/ls:/bin:
- 401:IBM AIX 5.3:/bin/ls:/bin:
diff -ruN rkhunter-old/pkg-plist rkhunter/pkg-plist
--- rkhunter-old/pkg-plist Sun Jul 25 21:23:47 2004
+++ rkhunter/pkg-plist Sun Aug 8 00:25:48 2004
@@ -3,10 +3,13 @@
lib/rkhunter/db/backdoorports.dat
lib/rkhunter/db/mirrors.dat
lib/rkhunter/db/os.dat
+lib/rkhunter/db/programs_bad.dat
+lib/rkhunter/db/programs_good.dat
lib/rkhunter/db/defaulthashes.dat
lib/rkhunter/db/md5blacklist.dat
lib/rkhunter/scripts/check_modules.pl
lib/rkhunter/scripts/check_port.pl
+lib/rkhunter/scripts/check_update.sh
lib/rkhunter/scripts/filehashmd5.pl
lib/rkhunter/scripts/filehashsha1.pl
lib/rkhunter/scripts/showfiles.pl
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list