On Tue, 23 Apr 2013 03:29:21 +0200 "Ralph Seward" <rj_sew...@hotmail.com> wrote: >> <rj_sew...@hotmail.com> wrote: >> >I am running Ubuntu 12.04.2 LTS on a dedicated web server. I >just >> > upgraded my Rkhunter install to 1.4.0, set up the conf file, >> > ran --propud and then ran a check. Below are the warnings that > >> > appear in the log file. Does any of this look like something >> >anyone has seen before? >> >Please forgive me if any of these have been answered previously > ><unsp...@hushmail.com wrote> >> All are common concerns addressed previously. Efficiency-wise it >> would be good to start by reading the README, the FAQ, reviewing >> the comments in rkhunter.conf and maybe even search the rkhunter- >> users mailing list archive. > >I was actually looking to see if this could be a specific pattern which >may have been an indication of a broader problem.
If that would have been the case my reply would have been different. >However, at this >point I will assume that all of these warnings are a result of Rkhunter >running on Ubuntu, and specifically on 12.04, and that the standing >recommendation is to whitelist all of the below: >/usr/sbin/adduser >/usr/bin/ldd >/usr/bin/unhide.rb >/usr/bin/lwp-request >/bin/which >/dev/.blkid.tab >/dev/.initramfs If you have verified these items are as your distribution provides them you can white list them. BTW you should be using the separate "unhide" tool and not "unhide.rb". unSpawn --- ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
