Bug#1057470: Outdated rkhunter since 2018-02
On Wed, 6 Dec 2023, 04:41 Jörg Frings-Fürst, wrote: > Hello Francois, > > I did not search for Vulnerabilities. However, I am of the opinion that > using > rkhunter in its current form is equivalent to using a 6 year old virus > scanner > and therefore involves an increased security risk. > i dont think this is a good analagy. rkhunter isnt only a virus scanner. despite the name, several of the tests are not looking for specific rootkits but for anomolies - scripts changing hashes, binaries replaced by scripts. these tests still work (mostly) and provide as much benefit as they ever did. people that dont want rkhunter can uninstall it, as with any other optional package.
Bug#1057470: Outdated rkhunter since 2018-02
On 2023-12-05 at 20:28:44, Jörg Frings-Fürst (debian@jff.email) wrote: > I did not search for Vulnerabilities. However, I am of the opinion that using > rkhunter in its current form is equivalent to using a 6 year old virus scanner > and therefore involves an increased security risk. Ideally I agree that it would be great if more signatures could be added so that new threats could be detected. I don't see any indication that of vulnerabilities in this software however. Lack of new upstream development is not necessarily an indication that the software is unsafe. Francois -- https://fmarier.org/
Bug#1057470: Outdated rkhunter since 2018-02
Hello Francois, I did not search for Vulnerabilities. However, I am of the opinion that using rkhunter in its current form is equivalent to using a 6 year old virus scanner and therefore involves an increased security risk. Am Dienstag, dem 05.12.2023 um 12:39 -0800 schrieb Francois Marier: > On 2023-12-05 at 07:07:23, Jörg Frings-Fürst (debian@jff.email) wrote: > > I noticed that the program and the data available on the internet are from > > 2018-02. > > So almost 6 years old data suggests a non-existent security. > > Hi Jörg, are you aware of security vulnerabilities in rkhunter or you are > simply guessing that it might contain security vulnerabilities? > > As far as I am aware, rkhunter is not under active development anymore, but > it also doesn't have any known vulnerabilities. > > Francois > CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Jörg Frings-Fürst D-54470 Lieser git: https://git.jff.email/cgit/ Skype:jff-skype@jff.email Jami: joergfringsfuerst Telegram: @joergfringsfuerst Matrix: @joergff:matrix.snct-gmbh.de My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#1057470: Outdated rkhunter since 2018-02
On 2023-12-05 at 07:07:23, Jörg Frings-Fürst (debian@jff.email) wrote: > I noticed that the program and the data available on the internet are from > 2018-02. > So almost 6 years old data suggests a non-existent security. Hi Jörg, are you aware of security vulnerabilities in rkhunter or you are simply guessing that it might contain security vulnerabilities? As far as I am aware, rkhunter is not under active development anymore, but it also doesn't have any known vulnerabilities. Francois -- https://fmarier.org/
Bug#1057470: Outdated rkhunter since 2018-02
Package: rkhunter Version: 1.4.6-11 Severity: grave Hello, I noticed that the program and the data available on the internet are from 2018-02. So almost 6 years old data suggests a non-existent security. My suggestion would therefore be to remove rkhunter from sid and trixie. CU Jörg -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing'), (300, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 6.4.0-2-amd64 (SMP w/20 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages rkhunter depends on: ii binutils 2.41.50.20231202-1 ii debconf [debconf-2.0] 1.5.82 ii file 1:5.45-2 ii lsof 4.95.0-1 ii net-tools 2.10-0.1 ii perl 5.36.0-10 ii ucf3.0043+nmu1 Versions of packages rkhunter recommends: ii bsd-mailx [mailx] 8.1.2-0.20220412cvs-1 ii curl 8.4.0-2 ii e2fsprogs 1.47.0-2+b1 ii exim4-daemon-light [mail-transport-agent] 4.97-2 ii iproute2 6.6.0-1 ii unhide 20220611-1 ii unhide.rb 22-6 ii wget 1.21.4-1+b1 Versions of packages rkhunter suggests: ii liburi-perl 5.21-1 ii libwww-perl 6.72-1 pn powermgmt-base -- Configuration Files: /etc/logcheck/ignore.d.server/rkhunter [Errno 13] Keine Berechtigung: '/etc/logcheck/ignore.d.server/rkhunter' -- debconf-show failed