
Remove [1;33m from rkhunter output

Posted: Mon Oct 25, 2010 5:41 pm
by webfeatus
[ Rootkit Hunter version 1.3.6 ]

[1;33mChecking rkhunter version... [0;39m
This version : 1.3.6
Latest version: 1.3.6
[ Rootkit Hunter version 1.3.6 ]

[1;33mChecking rkhunter data files... [0;39m
Checking file mirrors.dat [34C[ [1;32mNo update [0;39m ]
Checking file programs_bad.dat [29C[ [1;32mNo update [0;39m ]
Checking file backdoorports.dat [28C[ [1;32mNo update [0;39m ]
Checking file suspscan.dat [33C[ [1;32mNo update [0;39m ]
Checking file i18n/cn [38C[ [1;32mNo update [0;39m ]
Checking file i18n/de [38C[ [1;32mNo update [0;39m ]
Checking file i18n/en [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh.utf8 [33C[ [1;32mNo update [0;39m ]

Anyone know how to remove the weird characters?

This is my cron script:

Code:

#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run on server' my@email.com

Re: Remove [1;33m from rkhunter output

Posted: Mon Oct 25, 2010 6:17 pm
by mikeshinn
Those are ANSI color codes. You need to use the --nocolors option.

Re: Remove [1;33m from rkhunter output

Posted: Mon Oct 25, 2010 6:32 pm
by webfeatus
Yes, I tried that once before, without success.
This time I have placed it on a separate line.

Code:

#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
/usr/local/bin/rkhunter --nocolors
) | /bin/mail -s 'rkhunter Daily Run on server' email@me.com

(lazily) I will let the cron run tomorrow...

Re: Remove [1;33m from rkhunter output

Posted: Mon Oct 25, 2010 6:35 pm
by scott
Also this -> /usr/local/bin/rkhunter is not our rkhunter. So your problems might be related to that.

Re: Remove [1;33m from rkhunter output

Posted: Mon Oct 25, 2010 6:37 pm
by webfeatus
scott wrote: Also this -> /usr/local/bin/rkhunter is not our rkhunter. So your problems might be related to that.

Yes, it is a standalone version on the host server.
ASL & your rkhunter are on the virtual.

Re: Remove [1;33m from rkhunter output

Posted: Mon Oct 25, 2010 7:18 pm
by mikeshinn
You need to call "--nocolors" each time you invoke rkhunter when you want it to not generate ANSI colors.

/usr/local/bin/rkhunter --versioncheck --nocolors
/usr/local/bin/rkhunter --update --nocolors
/usr/local/bin/rkhunter --cronjob --report-warnings-only --nocolors

You also don't need to call rkhunter each time, you can stack those options if you like:

rkhunter --versioncheck --update --cronjob --report-warnings-only --nocolors

Re: Remove [1;33m from rkhunter output

Posted: Tue Oct 26, 2010 5:47 pm
by breun
From rkhunter --help:
--cronjob Run as a cron job
(implies -c, --sk and --nocolors options)
So, when using --cronjob you don't even need to specify --nocolors. :)

(I see ART's rkhunter also uses both --cronjob and --nocolor in /etc/cron.daily/rkhunter, but yeah, it still works, so it doesn't matter much.)

Re: Remove [1;33m from rkhunter output

Posted: Tue Oct 26, 2010 7:48 pm
by webfeatus
I found that this separates the output nicely.

Code:

/usr/local/bin/rkhunter --versioncheck --nocolors
/usr/local/bin/rkhunter --update --nocolors
/usr/local/bin/rkhunter --cronjob --report-warnings-only --nocolors

Other options work but do not separate the output like the above option.
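
Added example, not part of any post in this thread: a cron wrapper that runs the three invocations from the thread with --nocolors, gives each stage its own heading in the mail, and filters any escape sequences that still get through (the `[1;33m`, `[0;39m` and `[34C` residue shown in the first post). The function names, the `RKHUNTER` variable and the script's own `--mail` argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the thread: separate rkhunter stages in a cron mail
# and strip ANSI escape sequences as a fallback to --nocolors.
ESC=$(printf '\033')

# strip_ansi: read stdin and drop CSI sequences such as ESC[1;33m (colour),
# ESC[0;39m (reset) and ESC[34C (cursor forward, used for column alignment).
strip_ansi() {
    sed "s/${ESC}\[[0-9;]*[A-Za-z]//g"
}

# section: print a heading, then run the given command through the filter.
section() {
    title=$1; shift
    printf '=== %s ===\n' "$title"
    "$@" 2>&1 | strip_ansi
    printf '\n'
}

# report: the three invocations from the thread, each with --nocolors.
# RKHUNTER (assumed variable) defaults to the path used in the thread.
report() {
    rk=${RKHUNTER:-/usr/local/bin/rkhunter}
    section 'version check' "$rk" --versioncheck --nocolors
    section 'data file update' "$rk" --update --nocolors
    section 'scan (warnings only)' "$rk" --cronjob --report-warnings-only --nocolors
}

# sample: constructed line carrying the same sequences as the mail in the thread.
sample() {
    printf 'Checking file mirrors.dat %s[34C[ %s[1;32mNo update %s[0;39m ]\n' "$ESC" "$ESC" "$ESC"
}

# "--mail <recipient>" is this example's own argument, not an rkhunter option.
if [ "${1:-}" = "--mail" ]; then
    report | /bin/mail -s 'rkhunter Daily Run on server' "${2:-root}"
fi
```

Removing the cursor-forward sequences also removes the column alignment they produced, so the status brackets follow the file name directly in the mail.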