Hi!

I'd be grateful if someone could answer a couple of questions ...

1. I'm aware that in principle it checks for changes to key files that
might indicate a replacement by a rootkit/virus, and I've already set
up my installation to check against my package manager's details (DPKG
in my case); however, there are also rootkit-specific tests run by RKH
that are listed toward the end of the 'check' process. Notably absent
from this list are some recent nasties such as HiddenWasp - is this
because the signatures haven't been updated yet, or would it be
detected by more generic checks that mean it doesn't need specific
checks to be performed?

2. What is the process, and how often are the RKH signatures updated?

Thanks for your help.
Rob


_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
