Originally Posted by
fugu2
You really don't even need a duel boot if you have a spare usb drive lying around. Download your OS's *.iso file from ubuntu.com,
Code:
sudo apt-get install unetbootin
to install unetbootin. Run unetbootin to drop that iso file into your usb drive (WARNING: this may erase all of your data on that drive, so use a fresh drive if you can or backup your bytes). then boot up to the usb drive and scan your hard drive with your new liveusb.
Well I said dual boot because I already have that 
, my question was not so much about which boot media to use (I reckon you have plenty to choose from, regarding usb sticks I think you don't even need unetbootin, as there is usb-creator installed by default in latest releases) but rather about the specific issue of rkhunter scanning external partitions : does it scan all mounted partitions by default, as part of a normal system scan?
I thought that rkhunter only searched in specific paths in the installed system.
EDIT: well, after reading more carefully the man pages looks like the option I'm after would be
Code:
chhrootkit -r [path_to_mounted_media]
and
Code:
rkhunter --rootdir [path_to_mounted_media]
unfortunately the latter is currently deprecated and removed as of version 1.4.0 .
Adv Reply
Bookmarks