who has experienced rkhunter? I have just installed it and tried and everything seems ok on my machine, expect these warning messages:
* Application version scan - GnuPG 1.2.3 [ Vulnerable ] - Apache 2.0.47 [ Vulnerable ] - OpenSSL 0.9.7a [ Vulnerable ] - PHP 4.3.3 [ Vulnerable ] - OpenSSH 3.6.1p2 [ Vulnerable ]
I'm running fc1 and tried to update these soft but yum answer is that everything in installed in the latest version...
Are fedoralegacy mirrors not up to date or rkhunter is wrong?
Did you check the RootKit Hunter FAQ? http://www.rootkit.nl/articles/rootkit_hunter_faq.html
B8
Rootkit Hunter tells me I have vulnerable applications installed, but I have fully patched my server! How is this possible?
Some distributions like Red Hat and OpenBSD do patch old versions. So Rootkit Hunter thinks it's a old version, but instead it's a safe patched version. If you have the same situation, don't use the program version checker (--skip-application-check), to suppress the false positives.
Paul.
