ich habe testweise mal das Tool Rkhunter unter Debian installiert. Dieses bringt mir beim Scan ein paar Falschmeldung hervor:
Code: Select all
Warning: The command '/usr/sbin/adduser' has been replaced by a script: /usr/sbin/adduser: a /usr/bin/perl script text executable
Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable
Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: a /usr/bin/perl -w script text executable
Warning: The command '/bin/which' has been replaced by a script: /bin/which: POSIX shell script text executable
Warning: Application 'gpg', version '1.4.10', is out of date, and possibly a security risk.
Warning: Application 'openssl', version '0.9.8o', is out of date, and possibly a security risk.
Warning: Application 'sshd', version '5.5p1', is out of date, and possibly a security risk.Code: Select all
SCRIPTWHITELIST=/bin/egrep
SCRIPTWHITELIST=/bin/fgrep
SCRIPTWHITELIST=/bin/which
SCRIPTWHITELIST=/usr/bin/groups
SCRIPTWHITELIST=/usr/bin/ldd
SCRIPTWHITELIST=/usr/bin/lwp-request
SCRIPTWHITELIST=/usr/sbin/adduser
SCRIPTWHITELIST=/usr/sbin/prelink