On Mon, 2007-07-16 at 16:39 +1000, Gordy wrote:
>
> Questions
> Q1) I can see the rpm package manager is reported in the log file but
> why no mention of it at the shell (konsole) command line interface?
> 
Because you didn't specify to use the RPM package manager on the
command-line.

> q2) Do you prefer rpm -Uvh (file.rpm) commands instead, in order for the
> rpm manager to work, or have I missed something?
> 
? How you install packages is up to you, RKH doesn't care about that.

> q3) If a system file was installed without using the rpm manager, I
> agree that RKH should detect it and report accordingly. So installing
> a legit file at first glance looks ok but my real question is....how
> do I know the rkhunter executable really did check all new rpm files
> were legit?
> 
Because if they weren't you would get a warning. You only get an 'OK'
if it passes the test that the file is valid. RKH generally logs when
something is wrong. It only provides additional logging if it may be of
some use. There is not really any useful additional information to be
logged if a file has passed rpm verification, other than the fact that
it has passed the test.

> For example, if I enable Tripwire, skdet, unhide etc...even if those
> names are not explicit in the CLI....at least in the logfile I can see
> the check is being made?
> 
? You can't specify those names on the command-line.



John.

-- 
---------------------------------------------------------------
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 233914
E-mail: [EMAIL PROTECTED]       Fax: +44 (0)1752 233839

_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users