[ossec-list] rootcheck/rootkit rules

2012-06-07 Thread Kat
Just wondering where to find docs on writing/updating rules for
rootkit/rootcheck? Format and all that is what I am looking for. I am
looking through the various root check files under etc/shared, but
can't seem to find the syntax for these files in the docs. :-(

Any help/suggestions?

-K


Re: [ossec-list] rootcheck/rootkit rules

2012-06-07 Thread dan (ddp)
I haven't really messed with that, so there aren't any docs that I'm aware of.

On Thu, Jun 7, 2012 at 12:10 PM, Kat uncommon...@gmail.com wrote:
> Just wondering where to find docs on writing/updating rules for
> rootkit/rootcheck? Format and all that is what I am looking for. I am
> looking through the various root check files under etc/shared, but
> can't seem to find the syntax for these files in the docs. :-(
>
> Any help/suggestions?
>
> -K