[Freeipa-users] FreeIPA, rkhunter & "unknown rootkit"
Anthony Messina
amessina at messinet.com
Fri Aug 17 19:53:11 UTC 2012
On Friday, August 17, 2012 02:59:31 PM Mark St. Laurent wrote:
Hi Anthony,
I would start off by seeing what files the PID is opening to make sure it is
truly being good:
#lsof -p 1513
To avoid these warnings, you can reconfigure rkhunter to ignore these false
positives by editing the rkhunter.conf file:
vi /etc/rkhunter.conf.
RTKT_FILE_WHITELIST="/var/log/pki-ca/system"
Hope this helps.
Norman "Mark" St. Laurent
Federal Team: Senior Solutions Architect
Red Hat
8260 Greensboro Drive, Suite 300
McLean VA, 22102
Email: msl at redhat.com
Cell: 703.772.1434
Check this Link out!!! Cool Stuff: http://mil-oss.org/
Thank you very much. The process looks that it is "truly being good." And
your solution worked perfectly. -A
--
Anthony - http://messinet.com - http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120817/776d7bdd/attachment.sig>
More information about the Freeipa-users
mailing list