Hey Francois.
Have you considered any of the following remaining ones: On Sun, 2014-10-19 at 03:10 +0200, Christoph Anton Mitterer wrote: > #SYSLOG_CONFIG_FILE=/etc/syslog.conf > => while rkhunter will determine this automatically, it may still be nice to > set it to /etc/rsyslog.conf on Debian, since rsyslog is the default > SCRIPTWHITELIST=/usr/bin/unhide.rb > => maybe it makes also sense un-comment from that line, since rkhunter > Recommneds unhide.rb and it's likely to be installed > See als bug #. > INSTALLDIR=/usr > => which isn't contained in the upstream default rkhunter.conf. > Is this perhaps just a leftover? For the following, I'm not really sure why I didn't suggest sha512 instead of sha256: > HASH_CMD > => As part of crypto strengthening, I'd probably suggest to set this to: > HASH_CMD=sha512sum Further, I've seen you commented: >#SCRIPTWHITELIST=/usr/bin/lwp-request It's also suggested by rkhunter... so similarly to unhide.rb,... it *may* make sense to have this enabled per default. But I have no strong opinion on either of the two. Cheers, Chris -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
