Hello all,
I just ran rkhunter (v1.2.8) and noticed this:
---
Checking for logging to remote system... [ OK (no remote
logging) ]
---
"What...? I sure have a remote logging in use", I mumbled. A quick peek to
rkhunter code revealed that this line
---
logtoremote=`cat /etc/syslog-ng/syslog-ng.conf | grep "@" | grep -v "#"`
---
has an error in it. Instead it should be for example
---
logtoremote=`egrep "^destination.*(ud|
tc)p\(\"[^\"]+\"\)" /etc/syslog-ng/syslog-ng.conf`
---
That's because syslog-ng remote logging is defined like this:
---
destination someloghost { udp("some.loghost.address"); };
---
Cheers,
Janne Pikkarainen
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Rkhunter-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
