From 3cbd95fa53a864e1727139f4e96aea32bc5de96d Mon Sep 17 00:00:00 2001
From: Stefan Kangas <skangas@skangas.se>
Date: Sat, 2 Apr 2011 10:15:39 +0200
Subject: Further quieting of spurious rkhunter warnings

---
 fripost-docs.org | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'fripost-docs.org')

diff --git a/fripost-docs.org b/fripost-docs.org
index 3cfc059..f0f4f69 100644
--- a/fripost-docs.org
+++ b/fripost-docs.org
@@ -838,11 +838,24 @@ sudo rkhunter -c --nomow --rwo
 
     ALLOWHIDDENFILE=/etc/.gitignore
     ALLOWHIDDENFILE=/etc/.etckeeper
+
+    # something like: (adapt port as needed)
+    INETD_ALLOWED_SVC=127.0.0.1:2000
     
     # in case whitelisting is needed, use something like:
     # (whitespace important)
     APP_WHITELIST=" openssl:0.9.8g sshd:4.7p1 "
 
+#### ALSO, do this (not needed for squeeze)
+
++# apps test is disabled by default as it triggers warnings about outdated 
++# applications (and warns about possible security risk: we better trust
++# the Debian Security Team).
++#
+ ENABLE_TESTS="all"
+-DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps"
++DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps"
+
 :: /etc/default/rkhunter
 
     REPORT_EMAIL="admin@fripost.org"
-- 
cgit v1.2.3