On Sat, 19 Jan 2013 00:45:13 +0100 "Martin Čmelík" <martin.cme...@gmail.com> wrote: >I was unable to find answer on my question in FAQ or via Google, >so I think that mail list will be best option.
It is indeed. Good choice. >I would like to set on my distribution separate partition for all >tools which rkhunter needs for scan (--bindir). Is there list of >external commands which rkhunter execute during scan? That's the list it puts in its database when you run "--propupd". More importantly it would be good to know -=why=- you would want to do that? Outdated web pages or web log posts often spread the misconception that RKH equals security. It does not (and besides you shouldn't rely on one tool only). RKH is a -=post-incident=- analysis tool with a specific scope. Security-wise the emphasis should be on -=proper host and service hardening=- first. That's the foundation, a "must have", and it must be done before anything else. I would classify what you intend to do as a "nice to have". >Or is there chance that busybox contain all of them? BB can include ps, find, netstat, lsof but they are very limited in what switches they provide. So even if the binary you compiled has all required tools included usage would cause b0rkage. Doesn't mean you shouldn't try though. Cheers, unSpawn --- ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122912 _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users