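rkhunter 1.2.9 has been released
rkhunter --versioncheck showed that 1.2.9 was out, so I went to RootKit_Hunter, where a notice says that rkhunter does not overwrite configuration files such as rkhunter.conf.
So I simply renamed rkhunter.conf and /usr/local/rkhunter to other names and then installed it.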
tar -zxvf rkhunter-1.2.9.tar.gz
cd rkhunter-1.2.9
sudo ./install.sh
Rootkit Hunter installer 1.2.5 (Copyright 2003-2005, Michael Boelen)
Under active development by the Rootkit Hunter project team. For reporting
bugs, updates, patches, comments and questions see: rkhunter.sourceforge.net
Rootkit Hunter comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to redistribute it under the terms of the GNU General
Public License. See LICENSE for details.
---------------
Starting installation/update
Checking /usr/local... OK
Checking file retrieval tools... /usr/local/bin/wget
Checking installation directories...
- Checking /usr/local/rkhunter...Created
- Checking /usr/local/rkhunter/etc...Created
- Checking /usr/local/rkhunter/bin...Created
- Checking /usr/local/rkhunter/lib/rkhunter/db...Created
- Checking /usr/local/rkhunter/lib/rkhunter/docs...Created
- Checking /usr/local/rkhunter/lib/rkhunter/scripts...Created
- Checking /usr/local/rkhunter/lib/rkhunter/tmp...Created
- Checking /usr/local/etc...Exists
- Checking /usr/local/bin...Exists
Checking system settings...
- Perl... OK
Installing files...
Installing Perl module checker... OK
Installing Database updater... OK
Installing Portscanner... OK
Installing MD5 Digest generator... OK
Installing SHA1 Digest generator... OK
Installing Directory viewer... OK
Installing Database Backdoor ports... OK
Installing Database Update mirrors... OK
Installing Database Operating Systems... OK
Installing Database Program versions... OK
Installing Database Program versions... OK
Installing Database Default file hashes... OK
Installing Database MD5 blacklisted files... OK
Installing Changelog... OK
Installing Readme and FAQ... OK
Installing Wishlist and TODO... OK
Installing RK Hunter configuration file... OK
Installing RK Hunter binary... OK
Configuration updated with installation path (/usr/local/rkhunter)
Installation ready.
See /usr/local/rkhunter/lib/rkhunter/docs for more information. Run 'rkhunter' (/usr/local/bin/rkhunter)
Check the version
$ sudo rkhunter --versioncheck
http://rkhunter.sourceforge.net/rkhunter_latest.dat
Rootkit Hunter 1.2.9, copyright Michael Boelen
This version: 1.2.9
Latest version: 1.2.9
Then I edited rkhunter.conf with vi.
MAIL-ON-WARNING=hogehoge
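Then I ran --update and ran the scan. An item that checks users had been added, and it said the file did not exist but that this was the first run and it had created the file, so I ran it once more and it finished with no complaints.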
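
Because the installer leaves existing configuration files alone and the old rkhunter.conf was renamed before installing, settings such as MAIL-ON-WARNING have to be carried over by hand. The script below is an added example, not part of the original post or of the rkhunter project: it lists the active settings in the renamed old file that are absent or different in the fresh one. The file names, file contents and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the active settings of two rkhunter.conf-style files.

# Print active KEY=VALUE lines: comments and blank lines dropped, whitespace trimmed.
# Assumption: values do not themselves contain '#'.
active_settings() {
    sed -e 's/#.*$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' "$1" |
        grep '=' | LC_ALL=C sort -u
}

# settings_only_in_old OLD NEW
# Print settings active in OLD that are absent or have a different value in NEW.
settings_only_in_old() {
    old_tmp=$(mktemp) || return 1
    new_tmp=$(mktemp) || return 1
    active_settings "$1" > "$old_tmp"
    active_settings "$2" > "$new_tmp"
    LC_ALL=C comm -23 "$old_tmp" "$new_tmp"
    rm -f "$old_tmp" "$new_tmp"
}

# Run the comparison on two constructed sample files (hypothetical names).
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/rkhunter.conf.old" <<'EOF'
# constructed sample: the renamed old configuration
MAIL-ON-WARNING=hogehoge
TMPDIR=/usr/local/rkhunter/lib/rkhunter/tmp
EOF
    cat > "$dir/rkhunter.conf" <<'EOF'
# constructed sample: the freshly installed configuration
#MAIL-ON-WARNING=
TMPDIR=/usr/local/rkhunter/lib/rkhunter/tmp
EOF
    settings_only_in_old "$dir/rkhunter.conf.old" "$dir/rkhunter.conf"
    rm -rf "$dir"
}

demo
```

On real files, call settings_only_in_old with the renamed old configuration first and the newly installed rkhunter.conf second.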