On Wed, 2010-05-26 at 14:48 +1000, David Mitchell wrote: > On 26/05/2010 14:26, Duane Loftus wrote: > > Here is a section of my rkhunter.log. What should I be doing about the > > "warning" items? > > > > [20:58:22] Performing trojan specific checks > > [20:58:22] Info: Starting test name 'trojans' > > [20:58:22] Checking for enabled inetd services [ Skipped ] > > [20:58:22] Info: Check skipped - file '/etc/inetd.conf' does not exist. > > [20:58:23] > > [20:58:23] Performing check for enabled xinetd services > > [20:58:23] Info: Using xinetd configuration file '/etc/xinetd.conf' > > [20:58:23] Checking '/etc/xinetd.conf' for enabled services [ None > > found ] > > [20:58:23] Found 'includedir /etc/xinetd.d' directive > > [20:58:23] Checking '/etc/xinetd.d/chargen-dgram' for enabled > > services [ None found ] > > [20:58:23] Checking '/etc/xinetd.d/chargen-stream' for enabled > > services [ None found ] > > [20:58:23] Checking '/etc/xinetd.d/daytime-dgram' for enabled > > services [ None found ] > > [20:58:23] Checking '/etc/xinetd.d/daytime-stream' for enabled > > services [ None found ] > > [20:58:23] Checking '/etc/xinetd.d/discard-dgram' for enabled > > services [ None found ] > > [20:58:23] Checking '/etc/xinetd.d/discard-stream' for enabled > > services [ None found ] > > [20:58:23] Checking '/etc/xinetd.d/echo-dgram' for enabled services > > [ None found ] > > [20:58:23] Checking '/etc/xinetd.d/echo-stream' for enabled services > > [ None found ] > > [20:58:24] Checking '/etc/xinetd.d/finger' for enabled services > > [ None found ] > > [20:58:24] Checking '/etc/xinetd.d/ftp_psa' for enabled services > > [ Warning ] > > [20:58:24] Checking '/etc/xinetd.d/ntalk' for enabled services > > [ None found ] > > [20:58:24] Checking '/etc/xinetd.d/poppassd_psa' for enabled > > services [ Warning ] > *snip* > > Looks like you're running Plesk, is that right? These warnings are > pretty normal for Plesk setups as it uses xinetd for a number of things. > You just need to add a XINETD_ALLOWED_SVC line in your rkhunter.conf for > each of the services you're using, eg. > > XINETD_ALLOWED_SVC=/etc/xinetd.d/ftp_psa > XINETD_ALLOWED_SVC=/etc/xinetd.d/poppassd_psa > > Of course you should check first to make sure that all of the items > warned about are services you actually want to be available :) > > Cheers, > Dave > > ------------------------------------------------------------------------------ OK ... will do. Thanks and yes, I am using Plesk on the GoDaddy server. I'm using Ubuntu at home.
I'll go thru each of the items then whitelist them in the conf file if ok. Thanks. > _______________________________________________ > Rkhunter-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/rkhunter-users ------------------------------------------------------------------------------ _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
