On Wed, 2007-05-30 at 12:44 -0400, Andrew Kirch wrote: > > What is the effect, if any of hashupd.sh being run on a compromised > system? Wouldn’t it identify otherwise-malicious files as being > benign? > Yes. Which is why before running hashupd.sh the user should verify that the files are in fact genuine.
As always, rkhunter can only report that something has changed, not why it has changed. John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914 E-mail: [EMAIL PROTECTED] Fax: +44 (0)1752 233839 ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
