diff options
| author | Stefan Kangas <skangas@skangas.se> | 2011-04-02 10:15:39 +0200 |
|---|---|---|
| committer | Stefan Kangas <skangas@skangas.se> | 2011-04-02 10:15:39 +0200 |
| commit | 3cbd95fa53a864e1727139f4e96aea32bc5de96d (patch) | |
| tree | cf69b6621260a685432db2310229d5006a59ec30 | |
| parent | be1401f0d7239b0e5dfe5eca1d0b2b3c011afaf6 (diff) | |
Further quieting of spurious rkhunter warnings
| -rw-r--r-- | fripost-docs.org | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/fripost-docs.org b/fripost-docs.org index 3cfc059..f0f4f69 100644 --- a/fripost-docs.org +++ b/fripost-docs.org @@ -838,11 +838,24 @@ sudo rkhunter -c --nomow --rwo ALLOWHIDDENFILE=/etc/.gitignore ALLOWHIDDENFILE=/etc/.etckeeper + + # something like: (adapt port as needed) + INETD_ALLOWED_SVC=127.0.0.1:2000 # in case whitelisting is needed, use something like: # (whitespace important) APP_WHITELIST=" openssl:0.9.8g sshd:4.7p1 " +#### ALSO, do this (not needed for squeeze) + ++# apps test is disabled by default as it triggers warnings about outdated ++# applications (and warns about possible security risk: we better trust ++# the Debian Security Team). ++# + ENABLE_TESTS="all" +-DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps" ++DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps" + :: /etc/default/rkhunter REPORT_EMAIL="admin@fripost.org" |