On 10-05-07 10:44 AM, Michael Li wrote:

Using rkhunter with OSX correctly is a bigger issue I hope someone else will address. I will comment on a few of these warnings I'm sure are not an issue for you.

> My OS is Mac OSX 10.5.8
> [15:02:38] Info: Using system startup paths: /etc/rc.d /etc/rc.local
> /usr/local/etc/rc.d /usr/local/etc/rc.local /etc/conf.d/local.start
> /etc/init.d /etc/inittab
> [15:02:38] Warning: Checking for possible rootkit strings [ Warning ]
> [15:02:39] No system startup files found.

Those files are not used in Leopard. This is not an issue.

> [15:06:08] Performing system boot checks
> [15:06:08] Info: Starting test name 'startup_files'
> [15:06:08] Checking for local host name [ Found ]
> [15:06:08] Info: Starting test name 'startup_malware'
> [15:06:08] Checking for system startup files [ Warning ]
> [15:06:08] Warning: No system startup files found.

Same. Those files are not used in Leopard. This is not an issue.

> [15:06:08] Checking for passwordless accounts [ Warning ]
> [15:06:08] Warning: No shadow/password file found.

Same. Doesn't apply to Leopard.

> [15:06:09] Warning: The SSH configuration option 'PermitRootLogin' has not
> been set.
> The default value may be 'yes', to allow root access.

While true, the root user is not enabled in OSX by default, so this could be considered ok as is.

> [15:06:10] Info: Found syslog configuration file: /etc/syslog.conf
> [15:06:10] Checking if syslog remote logging is allowed [ Warning ]
> [15:06:10] Warning: Syslog configuration file allows remote logging:
> install.* @127.0.0.1:32376

I could be mistaken, but I think rkhunter is wrong here - allowing logging from localhost is not 'remote logging' as far as I'm concerned.

> Several warnings, referring to application versions of gpg httpd named
> openssl php procmail proftp sshd

Use Apple's own software update to confirm you are up to date on these. Apple patches existing versions rather than upgrading to new versions for security issues.

In summary, most of your issues stem from using rkhunter on OSX, rather than the more traditional *nix systems. Hopefully someone else can step up with suggestions on how to make it work better for you.

Brian
------------------------------------------------------------------------------
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
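The distinction raised in the reply above, between a syslog forward to the loopback address and one to another host, can be checked directly against `syslog.conf`. The following is an added example, not part of the original post and not rkhunter's own logic; the sample file is constructed (only the `install.*` line comes from the quoted log), `loghost.example.com` is a placeholder, and treating the name `localhost` as loopback is an assumption.

```python
import ipaddress

# Constructed sample; only the install.* line appears in the quoted log.
SAMPLE_SYSLOG_CONF = """\
# constructed sample syslog.conf
*.notice;authpriv,remoteauth,ftp,install.none;kern.debug\t/var/log/system.log
install.*\t@127.0.0.1:32376
auth.*\t@loghost.example.com
*.emerg\t*
"""

def split_target(target):
    """Split the text after '@' into (host, port-or-None)."""
    if target.startswith("["):                 # bracketed IPv6: [::1]:514
        host, _, rest = target[1:].partition("]")
        return host, rest.lstrip(":") or None
    if target.count(":") == 1:                 # host:port or IPv4:port
        host, port = target.split(":")
        return host, port
    return target, None                        # bare host name or bare IPv6

def is_loopback(host):
    """True for loopback IP literals; names are not resolved (offline check)."""
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return host.lower() == "localhost"     # assumption: standard hosts file

def classify(conf_text):
    """Return (selector, host, port, 'loopback'|'remote') per '@' action."""
    findings = []
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)            # selector, then action
        if len(parts) != 2 or not parts[1].startswith("@"):
            continue                           # file, pipe or user action
        host, port = split_target(parts[1][1:].strip())
        kind = "loopback" if is_loopback(host) else "remote"
        findings.append((parts[0], host, port, kind))
    return findings

if __name__ == "__main__":
    for selector, host, port, kind in classify(SAMPLE_SYSLOG_CONF):
        print(f"{kind:8} {selector} -> {host}:{port or 'default'}")
```

Only entries classified as `remote` send log data off the machine; a `loopback` entry still deserves a look at which local process is listening on that port.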