Dick Gevers wrote:
> On Tue, 16 Jun 2009 13:46:53 -0500, Mike McCarty wrote about Re:
> [Rkhunter-users] aptitude updates file properties automatically on one
> system but not another:
[...]
>> I use RPM, so I can't say what happens about Ubuntu, which I believe
>> uses DPKG, but telling it to use the package manager information is
>> not the same as telling it to ignore all changes, at least on my
>> machine.
>>
>>> I'd rather be warned of all hash changes and determine by myself whether
>>> they are a result of such updates or if they are potentially unwarranted
>>> changes.
>> That's what my setup does. It queries the package manager. It also
>> complains if other changes take place the package manager doesn't
>> approve.
>
> Aye. What I meant is: if Brian has 300 packages, let's call them 1 thru 300,
> and Ubuntu updates packages 3, 190 and 250 and Brian's box runs an rkhunter
> hashupdate right after that, Brian will miss when a rootkit has 'fixed'
> package no. 13.
Thanks for that clarication. That isn't what I inferred, and it also
isn't something I'd recommend, either. It also isn't something that
happens on my machine.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
