Debian rkhunter warning when using --pkgmgr option

Question

I have a web server using rkhunter for rootkit protection.

When I check, rkhunter returns no warnings in the root kit part (so I guess I'm good). But I get a lot of warning when Performing file properties checks.

I figured out that this can be caused every time I update my system (apt-get dist-upgrade), because some files change during the update. Then rkhunter recognizes these changes.

After further research, I figured out that the option "--pkgmgr DPKG" should check against the latest values in the repository. So in theory (as far as I understood), it should return without warnings.

But it does not work and since I get an email as soon as rkhunter returns a warning I would like to know how to avoid these warnings.

score 0 · Answer 1 · answered Dec 06 '17 at 23:36

0

You can avoid these warnings by researching what the warnings are and what others have done. Check the log file that rkhunter tells you to when it completes, google the lines.

Hopefully you can whitelist the problems.

Understanding rkhunter warnings

answered Dec 06 '17 at 23:36

Calvin Taylor

664
4
15

Debian rkhunter warning when using --pkgmgr option

1 Answers1