question regarding rkhutner findings/warnings

Discussion in 'Installation/Configuration' started by Ovidiu, Dec 4, 2009.

  1. Ovidiu

    Ovidiu Active Member

    recently, 3-5 days ago, rkhutner started giving me these warnings:
    Code:
    Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a security
    risk.
    Warning: Application 'openssl', version '0.9.8g', is out of date, and possibly a
    security risk.
    Warning: Application 'php', version '5.2.6', is out of date, and possibly a security
    risk.
    Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a
    security risk.
    
    One or more warnings have been found while checking the system.
    Please check the log file (/var/log/rkhunter.log)
    I am jsut wondering now, as I keep my system up to date with apt-get dist-upgrade and have the newest upgrades. What to do about these warnigns now?
     
  2. Mark_NL

    Mark_NL New Member

    If you update files that are being monitored by rkhunter, you ned to update the rkhunter database file as well so it knows the files are updated.

    Code:
    rkhunter --propupd
    was the command for that if i'm not mistaken.
     
  3. Ovidiu

    Ovidiu Active Member

    I knew that, I was doing that when rkhutner was alertign em that some fiels had changed where I knew I had changed them, but this seemed different to me, its complaining about old versions but my system is up to date, that is what confused me..
     
  4. Mark_NL

    Mark_NL New Member

    interresting, i got the exact same mail today from rkhunter :)

    the apt repos ain't updated, for debian, so can't download newer versions (i think they've updated the rkhunter db and decided to spam these warnings)
     
  5. Ovidiu

    Ovidiu Active Member

    rkhunter --propupd doesn't seem to make rkhunter ignore these warnings...
     
  6. Mark_NL

    Mark_NL New Member

    i know, i have the same warnings every day in my mailbox :)
    I think it's nothing really to worrie about .. when you use the apt repo's then you're stuck with the version that it supplies .. you can manually install the software upgrades, but won't advise it. So i guess we've to wait until there is a .deb file for it.
     
  7. till

    till Super Moderator

    Debian updates these applications which patches without rising the version number. So your server is secure and these warnings are wrong as long as you install all available updates with apt.
     

Share This Page