Pages: 1 2 3 [4] All Go Down

Contrib Feedback: Root Kit Hunter

CharlieBrady

6,918
+3/-0

Re: assistance to determine if I can change these pkg

« Reply #45 on: June 18, 2005, 10:54:39 PM »

Quote from: "dilligaf"

I ran the latest rkhunter.
Under the Application version scan I was presented with the following:
GnuPG 1.0.7 Vulnerable http://www.gnupg.org/
Apache 1.3.27 Vulnerable http://www.apache.org/
OpenSSL 0.9.6b Vulnerable http://www.openssl.org/
ProFTPd 1.2.9 Vulnerable http://www.proftpd.org/

It's quite likely that rkhunter is not telling you the full truth. Because RedHat adds security patches to old versions rather than switching to the latest version, you *cannot* determine whether any application is vulnerable just by checking its version number.

You can bypass this very naive behaviour by rkhunter by giving the --skip-application-check flag.

Logged

RedHead

Re: New rkhunter

« Reply #46 on: July 31, 2005, 02:54:21 AM »

Quote from: "lee"

To upgrade to rkhunter 1.2.7
<cut>

Quote from: "moleboy"

Am I correct in thinking that for a brand new installation you first install Duncan's RPM and then perform the above?

Or just install as per above instructions without the RPM?

Any advice gratefully received.

Just a newbie question..
Where do I find the Dungan rpm?
Because the name Dungan isn't there in the contribs and I can't find a matching name.

Logged

Pages: 1 2 3 [4] All Go Up

« previous next »