Am following the Chkrootkit-Portsentry-Howto and have encountered the following error: rymach:/tmp# tar xvfz portsentry-1.2.tar.gz portsentry_beta/ portsentry_beta/portsentry.c portsentry_beta/portsentry.h portsentry_beta/portsentry_io.c portsentry_beta/portsentry_io.h portsentry_beta/portsentry_util.c portsentry_beta/portsentry_util.h portsentry_beta/portsentry_config.h portsentry_beta/portsentry_tcpip.h portsentry_beta/portsentry.ignore portsentry_beta/portsentry.conf portsentry_beta/Makefile portsentry_beta/README.COMPAT portsentry_beta/README.install portsentry_beta/README.methods portsentry_beta/README.stealth portsentry_beta/CHANGES portsentry_beta/CREDITS portsentry_beta/LICENSE portsentry_beta/ignore.csh rymach:/tmp# cd portsentry_beta/ rymach:/tmp/portsentry_beta# make linux SYSTYPE=linux Making cc -O -Wall -DLINUX -DSUPPORT_STEALTH -o ./portsentry ./portsentry.c \ ./portsentry_io.c ./portsentry_util.c ./portsentry.c: In function âPortSentryModeTCPâ: ./portsentry.c:1187: warning: pointer targets in passing argument 3 of âacceptâ differ in signedness ./portsentry.c: In function âPortSentryModeUDPâ: ./portsentry.c:1384: warning: pointer targets in passing argument 6 of ârecvfromâ differ in signedness ./portsentry.c: In function âUsageâ: ./portsentry.c:1584: error: missing terminating " character ./portsentry.c:1585: error: âsourceforgetâ undeclared (first use in this function) ./portsentry.c:1585: error: (Each undeclared identifier is reported only once ./portsentry.c:1585: error: for each function it appears in.) ./portsentry.c:1585: error: expected â)â before âdotâ ./portsentry.c:1585: error: stray â\â in program ./portsentry.c:1585: error: missing terminating " character ./portsentry.c:1595: error: expected â;â before â}â token make: *** [linux] Error 1 Chkrootkit installed no problem, cant seem to find any error's. Have re-downloaded Portsentry, but still the same problem. Any suggestions. Running Debian etch. Thanks Kev King I think I have installed it, it still comes up with the above error when installing. But it has been set up in the directory as per the Howto. Will give it a couple of days and see what the output is to see if its working.
Thanks for replying falko, I am on Debian etch (4) I did get 2 e-mails this morning from portsentry, and going by the info in it, it is working ok. My god it listed a load of stuff. The one from chkrootkit just gave an error stating the chkrootkit folder didnt exist. I have ammended the script for that, forgot the cd bit at the front. So will see if that is ok in the morning.
All works? Yes can confirm I had 2 e-mails this morning reporting on the outcome of portsentry activity and the results of chkrootkit. Strange, because like I stated earlier there was an error reported during installation. So all seems to be working ok.
I have the same problem on 2 servers with OpenSuse 11 WHAT CAN I DO? This is my screen server1:/tmp/portsentry_beta # make linux SYSTYPE=linux Making cc -O -Wall -DLINUX -DSUPPORT_STEALTH -o ./portsentry ./portsentry.c \ ./portsentry_io.c ./portsentry_util.c ./portsentry.c: In function âPortSentryModeTCPâ: ./portsentry.c:1187: warning: pointer targets in passing argument 3 of âacceptâ differ in signedness ./portsentry.c: In function âPortSentryModeUDPâ: ./portsentry.c:1384: warning: pointer targets in passing argument 6 of ârecvfrom â differ in signedness ./portsentry.c:1584:11: warning: missing terminating " character ./portsentry.c: In function âUsageâ: ./portsentry.c:1584: error: missing terminating " character ./portsentry.c:1585: error: âsourceforgetâ undeclared (first use in this functio n) ./portsentry.c:1585: error: (Each undeclared identifier is reported only once ./portsentry.c:1585: error: for each function it appears in.) ./portsentry.c:1585: error: expected â)â before âdotâ ./portsentry.c:1585: error: stray â\â in program ./portsentry.c:1585:24: warning: missing terminating " character ./portsentry.c:1585: error: missing terminating " character ./portsentry.c:1595: error: expected â;â before â}â token ./portsentry_io.c: In function âConfigTokenRetrieveâ: ./portsentry_io.c:321: warning: cast from pointer to integer of different size ./portsentry_io.c:324: warning: cast from pointer to integer of different size ./portsentry_io.c: In function âIsBlockedâ: ./portsentry_io.c:670: warning: cast from pointer to integer of different size ./portsentry_io.c: In function âSubstStringâ: ./portsentry_io.c:727: warning: cast from pointer to integer of different size make: *** [linux] Error 1
Problem SOLVED The problem was in lines 1584-185 from portsentry.c the original look like this: 1583 printf ("PortSentry - Port Scan Detector.\n"); 1584 printf ("Copyright 1997-2003 Craig H. Rowland <craigrowland at users dot 1585 sourceforget dot net>\n"); 1586 printf ("Licensing restrictions apply. Please see documentation\n"); 1587 printf ("Version: %s\n\n", VERSION); to work this script shopuld be: 1583 printf ("PortSentry - Port Scan Detector.\n"); 1584 printf ("Copyright 1997-2003 Craig H. Rowland <craigrowland at users dot sourceforget dot net>\n"); 1585 printf ("Licensing restrictions apply. Please see documentation\n"); 1586 printf ("Version: %s\n\n", VERSION); Thank You Falko
Hi all, I am having a problem with installing portsentry on centos 4.8, here's the tutorial I took the guide from: http://www.falkotimme.com/howtos/chkrootkit_portsentry/index.php But its giving me this feedback: Can someone help with this please? Thanks ever so much in advance, also if its out of date or anything (that tutorial), does anyone have any alternatives for an up to date one with a rather old distro of centos 4.8? Any advice as usual is greatly appreciated, Jeremy
This is just a guess, but maybe the gcc version in CentOS 4.8 is too old. You could check if other (newer) gcc versions are available for 4.8.
Hi Falco, I did that. Was a while since I attempted this tutorial, from first seeing it. But this is the error I get when I updated the various development languages: Any ideas? Thanks in advance, Jeremy
Solved! Actually its some problem with the code. Not sure why they didnt sort this out, or havent yet, but this is the offending line in 'portsentry.c' file: Just this is on 2 lines, you cant have this in c programming so, I just removed the line and it works now, not sure why they havent picked up on this yet but hey! Might try and find a contact and ask them to do this to allow other users who dont know C very well to work with this.
