RKHunter - rootkit scan on Ubuntu

 

To install the Rkhunter tool using the package manager on the Ubuntu system, run the following command.

sudo apt-get install rkhunter

After installation, you need to update the file properties database. To update the file properties database, run the following command.

sudo rkhunter --propupd

This command records the current state of individual files so that Rkhunter can avoid false alarms during scanning. After updating the file properties, run the following command to start the scan.

sudo rkhunter --checkall

The scanner runs through some system commands, network settings, localhost settings, and files to check for actual rootkits and malware, and records its findings in a log file. You can get a condensed view of the scan log using the command below. After checking the log, you can take further steps to improve your server security.

sudo cat /var/log/rkhunter.log | grep -i warning

If you want to scan the Ubuntu server every day at a particular time (for example, 4 am) and send the report to your email address, add the following cron entry.

0 4 * * * /usr/sbin/rkhunter -c 2>&1 | mail -s "Rkhunter Report of the Server" you@domain.com

This cron job runs at 4 am every day and sends a report to your email address with the subject “Rkhunter Report of the Server”.

VMware vSphere: Managing Password Expiration Settings - vCenter

You will need the dir-cli tool, which is located in /usr/lib/vmware-vmafd/bin/.

cd /usr/lib/vmware-vmafd/bin/

Check that the local user exists:

./dir-cli user find-by-name --account backup_user

You can change the password for this user (the passwords are single-quoted so that the shell does not expand $$ to its process ID):

./dir-cli password reset --account backup_user --password 'OldBackupP@$$' --new 'NewBackupP@$$'

Or you can set the password to never expire:

./dir-cli user modify --account backup_user --password-never-expires

You can also change the password expiration setting for root, or set it to never expire (if its value is 0).

You can also check the root password expiration setting from your vCSA console:

chage -l root

source: https://woshub.com/vmware-password-expiration-settings/
