On Tue, 09 Apr 2013 18:26:55 +0200 "Nick Warr" <nick.w...@krescendo.com> wrote: >[15:33:39] Info: Starting test name 'running_procs' >[15:33:40] Checking running processes for suspicious files [ Warning ] >[15:33:40] Warning: The following processes are using suspicious files: >[15:33:40] Command: crontab >[15:33:40] UID: 0 PID: 23315
>Is there a way I can whitelist the crontab process? I haven't been >able to find a definitive answer to how (besides disabling the >running_procs test obviously), would RTKT_FILE_WHITELIST help? Is there another >option in the conf I missed? Instead of blithely white listing things I'd rather check what trips 'running_procs' first. Could you please *attach* the log file (see /tmp) from running RKH with --debug to an email to me? Regards, unSpawn --- ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
