rkhunter

Traian Gheorghe ONCIU Fedora at DalilaSoft.Ro
Fri Oct 15 14:07:20 UTC 2004 

You wrote:

>On Oct 15, 2004 at 13:43, François Patte in a soothing rage wrote:
>
>>
>>Bonjour,
>>
>>who has experienced rkhunter? I have just installed it and tried and
>>everything
>>seems ok on my machine, expect these warning messages:
>>
>>* Application version scan
>>   - GnuPG 1.2.3                                              [ Vulnerable ]
>>   - Apache 2.0.47                                            [ Vulnerable ]
>>   - OpenSSL 0.9.7a                                           [ Vulnerable ]
>>   - PHP 4.3.3                                                [ Vulnerable ]
>>   - OpenSSH 3.6.1p2                                          [ Vulnerable ]
>>
>>I'm running fc1 and tried to update these soft but yum answer is that
>>everything
>>in installed in the latest version...
>>
>>Are fedoralegacy mirrors not up to date or rkhunter is wrong?
>>
>>There is one mistake in the above list: Apache is not installed.
>But is httpd installed? Cause that is Apache. Just because rkhunter
>says something is vulnerable does not necessarily mean that the FC
>rpm is. You need to look at the changelog for each rpm to find out
>whether it contains patches for posted vulnerabilities.
>
>N.Emile...

1st. rkhunter checks about LATEST released, since some distribution like 
RedHat / Fedora are
     not using the latest always.
2nd. FC1 used glibc-2.3.2-101.4 and some of these modules you listed (i.e. 
OpenSSL, OpenSSH)
     requires a new version of glibc. Because this and because upgrading glibc 
is not so easy
     (sometimes your system cannot run properly after an upgrade), I suggest 
to upgrade to
     FC2 or to backup all glibc files before anything and to have an alternate 
OS which can
     read/write on your FC1 disk(s) installation or, more good, to backup 
entire FC1
     installation (with Norton Ghost or PowerQuest DriveImage or other similar 
tool).
     Be careful !!! It happends to me sometime in the past ...
3rd. perhaps rkhunter list Apache since you didn't install becaude a module 
needed by Apache
     is already installed. Try set rkhunter to make a detailed log since 
scanning (see
     rkhunter help).

Good luck !

Traian Gheorghe ONCIU
-------------- next part --------------
A non-text attachment was scrubbed...
Name: S.C. Dalila SoftWare SRL (DalilaSoft).vcf
Type: text/x-vcard
Size: 572 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041015/5d07384c/attachment-0001.vcf>

More information about the fedora-list mailing list