Hallo, unspawn, Du meintest am 07.10.09:
>>> Does anyone use inetd (not Xinetd) whitelisting? If so, could you >>> please report if it works with Rootkit Hunter version 1.3.4? >> Works. Since many versions, up to 1.3.4 [imported from e-mail] > I'm > trying to troubleshoot an issue with a user using inetd > whitelisting. Unfortunately I do not posess a machine with inetd > running. Could you please assist us and supply me with one line > from your inetd conf with a /path/tobinary name and the > corresponding rkhunter.conf whitelisting line? # ------------ rkhunter.conf -------------------- # --------------- partial ----------------------- INETD_CONF_PATH=/etc/inetd.conf # # Allow the following enabled xinetd services. # Only one service per line (use multiple INETD_ALLOWED_SVC lines). # # Below are some Solaris 9 and 10 services that may want to be whitelisted. # #INETD_ALLOWED_SVC=echo #INETD_ALLOWED_SVC=/network/rpc-100235_1/rpc_ticotsord #INETD_ALLOWED_SVC=/network/rpc-100083_1/rpc_tcp #INETD_ALLOWED_SVC=/network/rpc-100068_2-5/rpc_udp INETD_ALLOWED_SVC=time INETD_ALLOWED_SVC=ftp INETD_ALLOWED_SVC=tftp INETD_ALLOWED_SVC=telnet INETD_ALLOWED_SVC=auth INETD_ALLOWED_SVC=finger INETD_ALLOWED_SVC=pop3 INETD_ALLOWED_SVC=imap2 # INETD_ALLOWED_SVC=rembo # INETD_ALLOWED_SVC=swat # INETD_ALLOWED_SVC=cvs # --------------- inetd.conf ----------- # --------------- partial -------------- time stream tcp nowait root internal time dgram udp wait root internal ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/proftpd telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd finger stream tcp nowait daemon /usr/sbin/tcpd /usr/sbin/in.fingerd -s -l auth stream tcp nowait.200 nobody /usr/sbin/in.identd in.identd -N pop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/popa3d imap2 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/imapd # -------------------------------------- Viele Gruesse! Helmut ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users