On Thu, 02 Aug 2007 20:57:26 +0200 Christian Andretzky <[EMAIL PROTECTED]> wrote: >Hi, >running rkhunter on debian etch I can find the following false >alarm: > >[17:00:17] - File /usr/bin/slice... WARNING! Exists. > >- maybe a file named /usr/bin/slice is a part of a known rootkit >but in this >special case this file is part of the slice package.
Good one, thanks for notifying. Maybe we should allow a whitelist for /path/to/cmd's, that is, only if attributes like hash check out OK. Cheers, unSpawn -- Click here to find a massage therapy school near you. http://tagline.hushmail.com/fc/Ioyw6h4dE31II5f0AMAlZejzkvJgom9bHbVy2E3ECXyZolK6v6P78U/ ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users