1 billion emails about rootkit hunter
How can I stop getting emails about rootkit hunter without stopping it from running automatically? These are the emails I get constantly.
Code:
-N - 486/493: root [rkhunter] Daily run -- (all) |
I'm using rkhunter 1.3. In /etc/rkhunter.conf, you can whitelist files, directories and services that you know are OK (check them first). Have a look for settings in there under ALLOWHIDDENDIR, ALLOWHIDDENFILE and INETD_ALLOWED_SVC.
Then run rkhunter and tell it to only report warnings. |
Quote:
|
Quote:
Pattern not found (press RETURN) I did however find ALLOWHIDDENDIR and am using it now. Thanks. EDIT:nevermind, I figured it out. I appended this. INETD_ALLOWED_SVC=/etc/xinetd.d/vmware-authd |
If you're using version 1.3, the installed rkhunter.conf file should have had options like that supplied but commented out. If you're using an older version I'd suggest upgrading. Or, if your distro supplied a package, I'd download the sources from http://sourceforge.net/projects/rkhunter/ and have a look through the default rkhunter.conf and the FAQ it contains.
I subscribed to the rkhunter mailing list at https://lists.sourceforge.net/lists/...rkhunter-users as well - it's a low volume list and it's quite helpful. |
All times are GMT -5. The time now is 03:43 AM. |