On Wed, 6 Dec 2023, 04:41 Jörg Frings-Fürst, <debian@jff.email> wrote:
> Hello Francois, > > I did not search for Vulnerabilities. However, I am of the opinion that > using > rkhunter in its current form is equivalent to using a 6 year old virus > scanner > and therefore involves an increased security risk. > i dont think this is a good analagy. rkhunter isnt only a virus scanner. despite the name, several of the tests are not looking for specific rootkits but for anomolies - scripts changing hashes, binaries replaced by scripts. these tests still work (mostly) and provide as much benefit as they ever did. people that dont want rkhunter can uninstall it, as with any other optional package.
