On Wed, 2009-12-02 at 07:52 -0500, Tanstaafl wrote: > Hi everyone, > > I'm still a bit new to rkhunter. > > I've been running the apps test ever since I installed rkhunter, and the > only time I got a hit was after updating the core tools, which makes > sense, since those executables are updated, and a quick --propupd fixes it. > > I also recently had a hit on the same two apps (gpg and ?), and based on > the comments here, decided to disable the apps test. > > Now, I am only apparently running two tests: File properties, and rootkits. > You need to check your config file to see what tests have been disabled. However, even without the apps test you should have whole sections of tests stating what they are doing:
Checking system commands... (which includes the file properties test, but is not restricted to just that) Checking the network... Checking the local host... Each of these have several tests within them. So unless you have disabled a lot of tests, you shouldn't have just the file properties and rootkit tests running. John. -- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001 ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
