[ Rootkit Hunter version 1.3.6 ]

[1;33mChecking rkhunter version... [0;39m
This version : 1.3.6
Latest version: 1.3.6
[ Rootkit Hunter version 1.3.6 ]

[1;33mChecking rkhunter data files... [0;39m
Checking file mirrors.dat [34C[ [1;32mNo update [0;39m ]
Checking file programs_bad.dat [29C[ [1;32mNo update [0;39m ]
Checking file backdoorports.dat [28C[ [1;32mNo update [0;39m ]
Checking file suspscan.dat [33C[ [1;32mNo update [0;39m ]
Checking file i18n/cn [38C[ [1;32mNo update [0;39m ]
Checking file i18n/de [38C[ [1;32mNo update [0;39m ]
Checking file i18n/en [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh.utf8 [33C[ [1;32mNo update [0;39m ]

Anyone know how to remove the weird characters?

This is my cron script:

Those are ANSI color codes. You need to use the --nocolors option.

Yes, I tried that once before, without success.
This time I have placed it on a separate line.


(lazily) I will let the cron run tomorrow...

Also this -> /usr/local/bin/rkhunter is not our rkhunter. So your problems might be related to that.

Yes, it is a standalone version on the host server.
ASL & your rkhunter are on the virtual.

You need to call "--nocolors" each time you invoke rkhunter when you want it to not generate ANSI colors.

/usr/local/bin/rkhunter --versioncheck --nocolors
/usr/local/bin/rkhunter --update --nocolors
/usr/local/bin/rkhunter --cronjob --report-warnings-only --nocolors

You also dont need to call rkhunter each time, you can stack those options if you like:

rkhunter --versioncheck --update --cronjob --report-warnings-only --nocolors

From rkhunter --help:



So, when using --cronjob you don't even need to specify --nocolors.

(I see ART's rkhunter also uses both --cronjob and --nocolor in /etc/cron.daily/rkhunter, but yeah, it still works, so it doesn't matter much.)

I found that this separates the output nicely.

Other options work but do not separate the output like the above option.