[rosedu-admins] [rkhunter] rosedu - Daily report

Vlad Dogaru ddvlad at rosedu.org
Mon Dec 12 10:05:00 EET 2011


On Mon, Dec 12, 2011 at 9:45 AM, Razvan Deaconescu
<razvan.deaconescu at cs.pub.ro> wrote:
> On Mon, 2011-12-12 at 08:49 +0200, Vlad Dogaru wrote:
>> On Mon, Dec 12, 2011 at 12:24 AM, root <root at rosedu.org> wrote:
>> > Warning: Syslog configuration file allows remote logging: *.*       @141.85.226.78
>> > Warning: Hidden directory found: /etc/.java
>> > Warning: Application 'gpg', version '1.4.10', is out of date, and possibly a security risk.
>> > Warning: Application 'openssl', version '0.9.8o', is out of date, and possibly a security risk.
>> > Warning: Application 'sshd', version '5.5p1', is out of date, and possibly a security risk.
>> >
>> > One or more warnings have been found while checking the system.
>> > Please check the log file (/var/log/rkhunter.log)
>>
>> Can we get rid of these?  Nu mi-e greu să fac un d-ăla care le pune
>> într-un folder pe care nu îl citesc, dar e kinda useless dacă ajungem
>> să nu le citească nimeni.
>
> Unele sunt utile, altele nu. Nu știu cum putem să le filtrăm. Putem
> dezactiva serviciul.

Nu pot fi configurate granular?  Mie mi se par toate issue-urile
rezolvabile, nu susțin dezactivarea serviciului:

* upgrade packages
* investigate /etc/.java, whitelist directory if possible
* aia cu syslog e ciudată, e clar că asta vrem -- din nou: se poate
configura un whitelist?

Vlad


More information about the rosedu-admins mailing list