This How To Fix Rkhunter Error Message helps you to fix possible false positives caused by rkhunter. You should however be careful and double check whether its really a false positive or whether you deal with a newly installed root kit.
Rkhunter warnings could have different root causes. Whatever the reason is, you do not like to ignore it. The message(s) or warning(s) are to be taken very serious because there could indeed cybercriminals be the root cause.
Before you start: I strongly recommend you make a full backup of your system! This how to gives you no warranty for success. If you do not understand what you do, you take the risk of destroying or harming your system.
- Software Update turning into the need of Rkhunter – How To Fix Rkhunter Error
- Rkhunter – How to Fix Rkhunter Error Message
- Further information that you like to consider
A normal regular software update could cause rkhunter warnings. This is one of the very frequent use cases. This issue could be caused by a so called headless software update or also automatic software update configurations. If this is the case, than this how to will help you. Otherwise, you should research the internet further and take the warning serious.
If your system files will be replaced by an automatic or also called headless software update, whilst rkhunter is not updating its hashes then rkhunter will send you an alert. This because once rkhunter is running the next time thru your file system, rhunter rightly figures out that hash values have changed. You could also call this false positive, as you did like your system to update automatically. Such a warning message could look like the below example:
First of all, you like to double check your system whether a software update has taken place between the last rkhunter run in which you did receive no warning message and the new rkhunter run where you did receive the warning message.
The history log gives you a good view on this. Execute (on Debian Linux) the following command to check for software updates:
sudo more /var/log/apt/history.log
If you find out, that indeed there was a software update, then you like to execute the next step, allowing to update the rkhunter database with the new facts caused by the software update:
sudo rkhunter --update --propupd
There are various sources in the internet that allow you to further deep dive into the rkhunter specifics. In the below you find some links that maybe help you:
- Rkhunter Linux man page – man page including rkhunter description and command options
- Debian Linux rkhunter man page – specific Debian Linux man page about rkhunter
I wrote some other rkhunter used cases. You maybe like to check out these as well:
- How to fix rkhunter warning
- Fix rkhunter error
- rkhunter suspect files
- Rkhunter: File Properties Have Changed
- How To Fix Rkhunter sudo Warning
It would be amazing if you follow my myhowto.blog. To my blog is actually easy! You can leverage on
- Click to follow me on Twitter
- Bookmark this page and comeback from time to time
I am really looking forward for you to contact me if for example you found a better option or other idea then in this how to. Also, please touch base if you found an error or anything not working or if you have something that you would love to be added to the myhowto.blog. Simply click this link to touch base with me.
I would love to see you are recommending this how to or link it to your website. Also, I would love if you link or recommend the whole myhowto.blog. Please feel free to do so! In case you like to touch base regarding this topic with me, then simply click this link. I look forward!