rkhunter sshd warning

Wolfgang S. Rupprecht wolfgang.rupprecht at gmail.com
Wed Mar 19 08:00:19 UTC 2014


Patrick O'Callaghan <pocallaghan at gmail.com> writes:
> On Sun, 2014-03-16 at 15:04 -0700, Wolfgang S. Rupprecht wrote:
>> A clever intruder is just going to wait until a batch of changes goe
>> out and then add their trojan. 
>
> Of course you check the hash signatures on those downloads, right?

Yes, but in a haphazard, infrequent manner.  The whole point of
me installing rkhunter was to automate detection of trojans.   If I'm
going to have to check the hashes myself, what is rkhunter bringing to
the party?

The more I think about it the more --propupd bothers me.  rkhunter emits
warnings that turn into regular mailbox clutter and sooner or later one
is going to ignore them.

-wolfgang


More information about the users mailing list