Re: [Rkhunter-users] aptitude updates file properties automatically on one system but not another
Brought to you by:
dogsbody
Menu
▾
▴
Re: [Rkhunter-users] aptitude updates file properties automatically on one system but not another
|
From: Mike M. <Mik...@sb...> - 2009-06-17 16:53:30
|
Dick Gevers wrote:
> On Tue, 16 Jun 2009 13:46:53 -0500, Mike McCarty wrote about Re:
> [Rkhunter-users] aptitude updates file properties automatically on one
> system but not another:
[...]
>> I use RPM, so I can't say what happens about Ubuntu, which I believe
>> uses DPKG, but telling it to use the package manager information is
>> not the same as telling it to ignore all changes, at least on my
>> machine.
>>
>>> I'd rather be warned of all hash changes and determine by myself whether
>>> they are a result of such updates or if they are potentially unwarranted
>>> changes.
>> That's what my setup does. It queries the package manager. It also
>> complains if other changes take place the package manager doesn't
>> approve.
>
> Aye. What I meant is: if Brian has 300 packages, let's call them 1 thru 300,
> and Ubuntu updates packages 3, 190 and 250 and Brian's box runs an rkhunter
> hashupdate right after that, Brian will miss when a rootkit has 'fixed'
> package no. 13.
Thanks for that clarication. That isn't what I inferred, and it also
isn't something I'd recommend, either. It also isn't something that
happens on my machine.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
|