Rkhunter and plesk xinetd services 1

When you see these in the report of rkhunter in a plesk server:

Warning: Found enabled xinetd service: /etc/xinetd.d/ftp_psa
Warning: Found enabled xinetd service: /etc/xinetd.d/poppassd_psa
Warning: Found enabled xinetd service: /etc/xinetd.d/smtp_psa
Warning: Found enabled xinetd service: /etc/xinetd.d/smtps_psa
Warning: Found enabled xinetd service: /etc/xinetd.d/submission_psa

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter/rkhunter.log)

The solution is:

Run
[root@server]# locate rkhunter.conf

if you have installed rkhunter via yum you will get:
/etc/rkhunter.conf

if you have installed it via plesk then:
/usr/local/psa/etc/modules/watchdog/rkhunter.conf

(I prefer via yum)

then vim the appropriate .conf file for example /etc/rkhunter.conf
and find the line with: #XINETD_ALLOWED_SVC=/etc/xinetd.d/echo

below add the following lines:

XINETD_ALLOWED_SVC=/etc/xinetd.d/ftp_psa
XINETD_ALLOWED_SVC=/etc/xinetd.d/poppassd_psa
XINETD_ALLOWED_SVC=/etc/xinetd.d/smtp_psa
XINETD_ALLOWED_SVC=/etc/xinetd.d/smtps_psa
XINETD_ALLOWED_SVC=/etc/xinetd.d/submission_psa

save and quit and then try to run rkhunter -c –report-warnings-only

if you dont get any output then you’re done.