On Mon, 09 May 2011 23:01:48 +0200 Dave Rohde <b...@lanset.com> wrote: >Was also wondering on consensus for whitelisting these folders?
Generally speaking making use of any white-listing diminishes the capability to find items of a possibly malicious nature. However since the amount of logging due to false positives for most doesn't outweigh the risk, if you can trace back the origin slash cause to a known good process or package then you could white-list these items. Your rkhunter.conf will contain examples for common /dev culprits like /dev/intramfs, /dev/static, /dev/udev and /dev/java. >Using 1.3.6 from the stable Debian under Ubuntu 8.04 Version 1.3.8. is current BTW. Best regards, unSpawn --- ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
