Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 24th October 2013, 23:11
mikedesa mikedesa is offline
Junior Member
 
Join Date: Oct 2013
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default Question about using ./rkcheck command

Helllo,

I have a question about an error message I keep receiving everytime I try to execute the ./rkcheck command on my linux server.

Everytime I execute the ./rkcheck command in the /usr/local/bin directory of my server I keep getting the following error message:

Invalid BINDIR configuration option: Invalid directory found: .
Invalid BINDIR configuration option: Invalid directory found:

I have been told that the path of the file may point to the wrong location. I am using a Putty to do this command. I need this command to work and give me the proper output so I can see what, if any, rootkits have been found. I don't want this error message to appear anymore.

How can I get the path of the file to point to the right location?

Last edited by mikedesa; 24th October 2013 at 23:33.
Reply With Quote
Sponsored Links
  #2  
Old 25th October 2013, 08:29
Quaxth Quaxth is offline
Senior Member
 
Join Date: Sep 2013
Location: Samut Prakan, Thailand
Posts: 440
Thanks: 48
Thanked 34 Times in 31 Posts
Send a message via Skype™ to Quaxth
Default

May be it would be a good idea to post what Linux Distro and Version you're using?!

in Debian Wheezy the output of your command is as follow:
Code:
root@server:~# cd /usr/local/bin
root@server:/usr/local/bin# ./rkcheck
-bash: ./rkcheck: No such file or directory
root@server:/usr/local/bin# /rkcheck
-bash: /rkcheck: No such file or directory
root@server:/usr/local/bin#
The command I was give was include the ./ and exclude as / and both didn't working!
__________________
*************
Have a nice day.
Reply With Quote
  #3  
Old 12th November 2013, 19:04
mikedesa mikedesa is offline
Junior Member
 
Join Date: Oct 2013
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Quaxth View Post
May be it would be a good idea to post what Linux Distro and Version you're using?!

in Debian Wheezy the output of your command is as follow:
Code:
root@server:~# cd /usr/local/bin
root@server:/usr/local/bin# ./rkcheck
-bash: ./rkcheck: No such file or directory
root@server:/usr/local/bin# /rkcheck
-bash: /rkcheck: No such file or directory
root@server:/usr/local/bin#
The command I was give was include the ./ and exclude as / and both didn't working!
The Linux Distribution I am using is CentOS release 6.4. Codename: final

I truly would appreciate any help you can give me because I am getting real tired of that error message. I don't know what is causing it and I want to see what rootkits if any are being run on it. I need to know if my servers are in danger of being hacked. These servers are for a company and I can't seem to find an answer anywhere.
Reply With Quote
  #4  
Old 12th November 2013, 22:38
mikedesa mikedesa is offline
Junior Member
 
Join Date: Oct 2013
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Quaxth View Post
May be it would be a good idea to post what Linux Distro and Version you're using?!

in Debian Wheezy the output of your command is as follow:
Code:
root@server:~# cd /usr/local/bin
root@server:/usr/local/bin# ./rkcheck
-bash: ./rkcheck: No such file or directory
root@server:/usr/local/bin# /rkcheck
-bash: /rkcheck: No such file or directory
root@server:/usr/local/bin#
The command I was give was include the ./ and exclude as / and both didn't working!
One other thing I want to ask is I am trying to figure out which files are false positives which have been white listed and which ones are warnings I need to take seriously. I was told that the README, rkhunter.conf comments and FAQ Rootkit Hunter comes with tells you how: use your distributions package management to verify files and (visually) inspect the rest.

How would I go about finding these items if they are not in their proper directories?
Reply With Quote
  #5  
Old 13th November 2013, 04:20
Quaxth Quaxth is offline
Senior Member
 
Join Date: Sep 2013
Location: Samut Prakan, Thailand
Posts: 440
Thanks: 48
Thanked 34 Times in 31 Posts
Send a message via Skype™ to Quaxth
 
Default Virustotal

Regarding your suspicious files, which maybe infected as you think, you could on line check them at: https://www.virustotal.com/, just need to upload the suspicious file and check. For to get the files to your desktop, install WinSCP (Freeware) and copy those files to your pc from where you could freely upload them without any interference on your running server.

If you don't have WinSCP, download from: http://winscp.net/eng/index.php install on your desktop under Windows and use the SSH settings for to connect to your server. If you run Linux on your destop, use an SCP Client for linux instead.
__________________
*************
Have a nice day.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
mysql and mail problem viritech General 3 16th October 2012 12:54
Pure-ftpd - Delay between files when uploading erosbk Server Operation 5 6th September 2011 14:03
Multiserver setup: repquota command not found. CSsab Installation/Configuration 2 27th January 2011 15:11
ftp user problem jalapela General 15 25th November 2010 14:09
Add ons for ISPConfig 3 virtue Installation/Configuration 24 16th October 2009 17:30


All times are GMT +2. The time now is 09:56.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.