security/rkhunter 1.3.8 - false warning?
Torfinn Ingolfsen
tingox at gmail.com
Tue Jan 4 23:42:16 UTC 2011
Hi,
On Tue, Jan 4, 2011 at 7:52 PM, Chuck Swiger <cswiger at mac.com> wrote:
> On Jan 4, 2011, at 9:38 AM, Torfinn Ingolfsen wrote:
>> rkhunter 1.3.8 from ports complains about the /etc/passwd file. Why does it do that?
>
> It's buggy?
>
> RKHunter is better known for generating vast numbers of obscure false positives than it is for actually providing a security benefit. Something like
> tripwire or a functioning backup system which can provide a comparison of changes against current filesystem state is much more likely to be useful.
Well, rkhunter hasn't generated any false warnings for me in a few
years now. YMMV, and you are of course entitled to your own opinion.
If anyone has anything useful in answer to the question I asked, feel
free to provide it.
--
Regards,
Torfinn Ingolfsen
More information about the freebsd-ports
mailing list