From b2d966f8e4ed3a62d5721350fef2099484a7905a Mon Sep 17 00:00:00 2001
From: KiekerJan
Date: Thu, 29 Apr 2021 23:03:09 +0200
Subject: [PATCH] add rootkit detectors
---
 setup/additionals.sh | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/setup/additionals.sh b/setup/additionals.sh
index 57d2eaad..0506f044 100644
--- a/setup/additionals.sh
+++ b/setup/additionals.sh
@@ -2,7 +2,7 @@ source /etc/mailinabox.conf
 source setup/functions.sh
 # Add additional packages
-apt_install pflogsumm
+apt_install pflogsumm rkhunter chkrootkit
 # Cleanup old spam and trash email
 hide_output install -m 755 conf/cron/miab_clean_mail /etc/cron.weekly/
@@ -25,3 +25,28 @@ hide_output systemctl restart systemd-journald.service
 cat > /root/.forward << EOF;
 administrator@$PRIMARY_HOSTNAME
 EOF
+
+# Install fake mail script
+if [ ! -f /usr/local/bin/mail ]; then
+ hide_output install -m 755 tools/fake_mail /usr/local/bin
+ mv -f /usr/local/bin/fake_mail /usr/local/bin/mail
+fi
+
+tools/editconf.py /etc/rkhunter.conf \
+ UPDATE_MIRRORS=1 \
+ MIRRORS_MODE=0 \
+ WEB_CMD='""' \
+ MAIL-ON-WARNING=root \
+ ALLOWHIDDENDIR=/etc/.java
+
+tools/editconf.py /etc/default/rkhunter \
+ CRON_DAILY_RUN='"true"' \
+ CRON_DB_UPDATE='"true"' \
+ APT_AUTOGEN='"true"'
+
+tools/editconf.py /etc/chkrootkit.conf \
+ RUN_DAILY='"true"'
+
+# Should be last
+rkhunter --propupd
+
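Review bot: The unconditional `rkhunter --propupd` at the end of the second hunk re-baselines rkhunter's file-property database on every setup run, so a binary modified between two runs is recorded as known-good and later daily scans will not flag it. I would restrict it to the first install and say why, e.g. `# --propupd trusts the current on-disk state; run only on a fresh or verified system` above `[ -e "<rkhunter properties db path>" ] || rkhunter --propupd` (placeholder path; the database location is not shown on this page). `APT_AUTOGEN='"true"'` has the same re-baselining effect after each package operation, which is the usual trade-off against false positives but deserves a comment. Separately, `UPDATE_MIRRORS=1`, `MIRRORS_MODE=0` and an empty `WEB_CMD` switch rkhunter's network updates on; as far as I know the distribution package ships them disabled on purpose, so a comment should state why they are re-enabled here.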