Daniel Cid wrote:
Hi Dennis,
Rootcheck shouldn't be checking read-only file systems in there
(including /proc, /sys, etc). I made a small fix
for it and it is available at:
http://www.ossec.net/files/snapshots/ossec-hids-090304.tar.gz
If you can try it out, it would be great.
Hello all,
Does anyone have a windows configuration that is a little more tuned than
the default? I just installed it, and am getting alerts very often. I
assume there are windows files/folders that are updated regularly and need
to exclude them. Any other windows tips?
Thanks
I would be interested in this as well.
Robert
On Mar 2, 9:47 am, rob.butterwo...@gmail.com wrote:
Hi,
Has anyone got OSSEC to parse WatchguardFireboxlogs ? I have my
logs coming in via syslog, and being stored, but if I run them through
logtest they get recognized as Debian dpkg logs, so I