On Sun, 2010-01-31 at 16:26 +0000, John Horne wrote: > On Sat, 2010-01-30 at 18:55 -0600, Chris wrote: > > On Tue, 2009-12-29 at 22:14 +0000, John Horne wrote: > > > > > > Warning: Application 'named', version '9.3.6-P1', is out of date, and > > > > possibly > > > > a security risk. > > > > > > > > So it seems the named entry is still ignored? > > > > > > > Well I just tested this - with named version 9.6.1-p1 - and the > > > whitelisting worked fine. I would suggest looking in the RKH log file. > > > It will say what whitelisted apps it has found, and the version of the > > > apps it finds. The top of the log file will also say which RKH config > > > file(s) it is looking at - it may be that you are looking at one config > > > file, but RKH is looking at a different one. > > > > > > If necessary you can whitelist just 'named'. The test will then, in > > > effect, ignore the test for the 'named' version number (regardless of > > > what it is). > > > > > John, I seem to be having an issue with this also. I'm running RKH > > 1.3.4, still waiting for the newer version through Mandriva. > > My /usr/local/etc/rkhunter.conf file has this line: > > > > APP_WHITELIST="named:9.6.1-P3 OpenSSL:0.9.8k" > > > > I've run rkhunter --propupd and still get this in my log file: > > > > Warning: Application 'named', version '9.6.1', is out of date, and > > possibly a security risk. > > > > named -V > > BIND 9.6.1-P3 > > > > FWIW I've also tried replacing named with BIND on the whitelist line. > > I've also tried just using: > > > > APP_WHITELIST="named OpenSSL:0.9.8k" > > > > and still get the same warning: > > > > Warning: Application 'named', version '9.6.1', is out of date, and > > possibly a security risk. > > > Using just 'named' should work, however, try using: > > APP_WHITELIST="named:9.6.1 OpenSSL:0.9.8k" > > > > John. >
Thanks John, that did the trick: Info: Found application 'named' version '9.6.1': this version is whitelisted. Could have sworn I'd tried that, guess not. Chris -- KeyID 0xE372A7DA98E6705C
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com
_______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
