Updated Package for openSUSE: rkhunter 1.3.6
Dezember 1, 2009 Hinterlasse einen Kommentar
I’m pleased to announce the new rkhunter Package for openSUSE.
What’s new in this package? The Project says:
This release offers more ease of use by adding more end-user configuration options and aids detection by adding and improving rootkit and malware checks.
The change log lists 29 additions including 9 configuration options and details for 12 rootkits, 29 changes including improvements for 15 rootkit checks and 22 bugfixes. Naming a few:
- New IGNORE_PRELINK_DEP_ERR configuration option in case of persistent prelink dependency errors.
- New USER_FILEPROP_FILES_DIRS configuration option to add files and directories to the file properties check.
- New COPY_LOG_ON_ERROR configuration option to copy the log file if any errors or warnings have occurred.
- New WEBCMD configuration option to specify the command used to download data file updates from the Internet.
- Rkhunter will look for configuration options in the main configuration file, and then in the local configuration file if it exists.
- New SHARED_LIB_WHITELIST configuration option for whitelisting preloaded shared libraries.
- New WARN_ON_OS_CHANGE configuration option. If unset then no warnings will be shown.
- New UPDT_ON_OS_CHANGE configuration option. If set and the O/S has changed then rkhunter will automatically update properties (‚rkhunter –propupd‘).
- Added support for hash functions SHA224, SHA256, SHA384 and SHA512 using CPAN perl modules Digest-SHA-PurePerl or SHA256.
- New UPDATE_LANG configuration option.
- New ALLOWPROMISCIF configuration option.
- New PKGMGR_NO_VRFY configuration option for fine-grained package manager verification process control.
- Rootkit checks added: Adore Rootkit (aka strings.o aka Dextenea) cb, CX, Fu, iLLogiC, ld-linuxv.so.1, ‚Spanish‘, trNkit, Xzibit, ZK.
- Updated rootkit / malware checks: Ambient (ark), beX2, BOBkit, Dica-kit, Dreams, Enye LKM, evil strings test, Fleakit, FreeBSD, Phalanx2, SHV4, Universal (URK).
This Package is now available in openSUSE:Factory:Contrib.