Hello Omar, On Mon, 30 Jul 2007 11:18:37 +0200 Omar Tchikou <[EMAIL PROTECTED]> wrote: >In the results of scanning, rkhunter 1.2.9 send me these messages >: > >Ready. >No logfile given: using default. >/bin/cat [ BAD ] >/bin/chmod [ BAD ] >/bin/chown [ BAD ] (..) >Scanning for hidden files... [ Warning! ]
Please verify (using the package manager from your distribution or a file integrity checker if you set up one before) the items mentioned are sane, then run "hashupd". With respect tot the hidden items please check the FAQ, mailing list archive and rkhunter.conf for hints. >Can you explain me please, why is it a security vulnerability to >not have a log file for each command ? No, it is about the rkhunter logfile which by default will be /var/log/rkhunter.log, not one per command. Not having a logfile is not a vulnerability. The logfile shows details stdout reporting does not. Cheers, unSpawn -- Inventors: Does your idea have potential for millions? Click for info http://tagline.hushmail.com/fc/Ioyw6h4dkckghdSGSwH95Eelb80JzuSAAJNty0WFfzfosJsr8BAKkg/ ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
