Re: [Rkhunter-users] Unknown application versions

[AnMaster]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

John Horne wrote:
> On Sat, 2007-11-24 at 12:46 +0100, AnMaster wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA512
>>
>> * Application version scan
>>    - GnuPG 1.4.7                                              [ OK ]
>>    - Bind DNS 9.4.1-P1                                        [ Unknown ]
>>    - OpenSSL 0.9.8g                                           [ Unknown ]
>>    - PHP 5.2.5                                                [ Unknown ]
>>    - OpenSSH is                                               [ Unknown ]
>>
> First I suggest you upgrade rkhunter to the latest version (1.3.0).
Well I will when it is in Gentoo portage:
[I] app-forensics/rkhunter
     Available versions:  1.2.7-r1 ~1.2.8 1.2.9 {bash-completion}
     Installed versions:  1.2.9(10:32:13 02/19/07)(bash-completion)
     Homepage:            http://rkhunter.sf.net/
     Description:         Rootkit Hunter scans for known and unknown rootkits,
backdoors, and sniffers.

> 
>> sshd -V gives:
>> sshd: illegal option -- V
>> OpenSSH_4.7p1-hpn12v17, OpenSSL 0.9.8g 19 Oct 2007
>> usage: sshd [-46Ddeiqt] [-b bits] [-f config_file] [-g login_grace_time]
>>             [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u 
>> len]
>>
>> Not sure if that is the correct way to check ssh version.
>>
> You have to use 'sshd' with its full pathname and the '-t -d' options:
> 
>    /usr/sbin/sshd -t -d
>    debug1: sshd version OpenSSH_4.5p1
>    debug1: read PEM private key done: type RSA
>    debug1: private host key: #0 type 1 RSA
>    debug1: read PEM private key done: type DSA
>    debug1: private host key: #1 type 2 DSA
# /usr/sbin/sshd -t -d
debug1: Config token is protocol
debug1: Config token is permitrootlogin
debug1: Config token is pubkeyauthentication
debug1: Config token is authorizedkeysfile
debug1: Config token is rhostsrsaauthentication
debug1: Config token is passwordauthentication
debug1: Config token is permitemptypasswords
debug1: Config token is usepam
debug1: Config token is subsystem
debug1: HPN Buffer Size: 87380
debug1: sshd version OpenSSH_4.7p1-hpn12v17
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA

Regards,
AnMaster
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHSItKWmK6ng/aMNkRCnMGAJ4tHltvN3e5sQDnPsZqIjdfj30qDgCfYsCT
oEYwDmIo2GX7aRM3BdkPXjQ=
=FNv3
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users