On Sat, 2010-02-06 at 06:20 -0800, Marc MERLIN wrote:
> Hi,
>
> rkhunter 1.6 now reports:
>
> Warning: Application 'exim', version '4.69', is out of date, and possibly a
> security risk.
> Warning: Application 'openssl', version '0.9.8g', is out of date, and
> possibly a security risk.
> Warning: Application 'sshd', version '4.7p1', is out of date, and possibly a
> security risk.
>
> Some of the reports are correct and useful, some aren't and/or I have a
> good reason for running a specific version.
> I would be really nice if there were a way to whitelist application
> versions I'm aware of and ok with.
>
You can. Look at APP_WHITELIST in the configuration file. You can either
whitelist the application name alone, which then, in effect, whitelists
any version of the software. E.g:
APP_WHITELIST="exim openssl sshd"
Or you can whitelist specific versions by appending a colon and then the
version. E.g:
APP_WHITELIST="exim:4.69 openssl:0.9.8g sshd:4.7p1"
You can, of course, mix both types:
APP_WHITELIST="exim:4.69 openssl sshd"
John.
--
John Horne, University of Plymouth, UK
Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
