Date: Wed, 5 Jan 2011 00:42:15 +0100 From: Torfinn Ingolfsen <tingox@gmail.com> To: FreeBSD Ports ML <freebsd-ports@freebsd.org> Subject: Re: security/rkhunter 1.3.8 - false warning? Message-ID: <AANLkTi=B0uu-22nxrNRpJEp3E21fDUscbtqnysAk7gHF@mail.gmail.com> In-Reply-To: <35113D20-59B2-4924-823B-DF5F97BE1F7A@mac.com> References: <AANLkTimkPG7cLfyVM8QHO=GSNyY5U0sp%2B9eo3xsPkiye@mail.gmail.com> <35113D20-59B2-4924-823B-DF5F97BE1F7A@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Tue, Jan 4, 2011 at 7:52 PM, Chuck Swiger <cswiger@mac.com> wrote: > On Jan 4, 2011, at 9:38 AM, Torfinn Ingolfsen wrote: >> rkhunter 1.3.8 from ports complains about the /etc/passwd file. =A0Why d= oes it do that? > > It's buggy? > > RKHunter is better known for generating vast numbers of obscure false pos= itives than it is for actually providing a security benefit. =A0Something l= ike > tripwire or a functioning backup system which can provide a comparison of= changes against current filesystem state is much more likely to be useful. Well, rkhunter hasn't generated any false warnings for me in a few years now. YMMV, and you are of course entitled to your own opinion. If anyone has anything useful in answer to the question I asked, feel free to provide it. --=20 Regards, Torfinn Ingolfsen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTi=B0uu-22nxrNRpJEp3E21fDUscbtqnysAk7gHF>