Running rkhunter showed the following error message-"Invalid SCRIPTWHITELIST configuration option: Non-existent pathname: /usr/bin/lwp-request". A quick search showed that I could get away with it by "commenting" the line "SCRIPTWHITELIST=/usr/bin/lwp-request" in the rkhunter.conf file though I will need to change the file permissions to do so. Should I do it or there is any other way to run rkhunter?
As for chkrootkit, it threw up a warning "The tty of the following user process(es) were not found
in /var/run/utmp !" and followed it up with a PID and a process name running under root. What does it mean?
Best Answer
Instead of whitelisting, well, there's another way to run RKHunter: use DPKG's hashes to verify file integrity:
sudo rkhunter -c --skip-keypress --pkgmgr dpkg