On Wed, 12 Oct 2011 12:20:51 +0100, Ad L. wrote:
> Hello all,
Hi!
Ad, most of your messages are going unthreaded and with no references nor
quotes of the replied message. How are you posting to this mailing
list? :-?
> a little while ago, I executed the 'rkhunter' hunter script as part of a
> random check. It gave me a warning about changed files, but as I checked
> synaptic's history, I found out that those files are part of packages
> that were updated.
>
> My intention is to find out how to build a trigger, either for apt or
> for dpkg, to update the rkhunter database after each package upgrade.
> Maybe it'd be smart to run rkhunter before updates as well, to catch the
> unauthorized changes that might be there.
>
> My question:
> should I focus on apt, or rather on dpkg? As far as I'm aware, both
> synaptic and aptitude rely on apt, but I feel that it's wise to handle
> any security-related issues as low-level as possible.
>
> Does anyone have other suggestions to consider?
There is a small reference at rkhunter readme file ("/usr/share/doc/
rkhunter/README.Debian.gz", "Hash Checks" section) about how to manage
the integrity of hashes, not sure if that can be of any help to your
issue.
Greetings,
--
Camaleón
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/pan.2011.10.12.12.23...@gmail.com
