20.12.2012 18:14, dan (ddp) пишет:
On Thu, Dec 20, 2012 at 9:12 AM, Уласов Алексей wrote:
20.12.2012 17:41, dan (ddp) пишет:
On Sun, Dec 16, 2012 at 2:20 PM, orfan wrote:
Where is ossec stores rootcheck's base?
What do you mean by rootcheck's base?
четверг, 13 декабря 2012 г., 22:18:04 UTC
20.12.2012 18:14, dan (ddp) пишет:
On Thu, Dec 20, 2012 at 9:12 AM, Уласов Алексей wrote:
20.12.2012 17:41, dan (ddp) пишет:
On Sun, Dec 16, 2012 at 2:20 PM, orfan wrote:
Where is ossec stores rootcheck's base?
What do you mean by rootcheck's base?
четверг, 13 декабря 2012 г., 22:18:04 UTC
On Thu, Dec 20, 2012 at 9:12 AM, Уласов Алексей wrote:
> 20.12.2012 17:41, dan (ddp) пишет:
>
> On Sun, Dec 16, 2012 at 2:20 PM, orfan wrote:
>
> Where is ossec stores rootcheck's base?
>
> What do you mean by rootcheck's base?
>
> четверг, 13 декабря 2012 г., 22:18:04 UTC+4 пользователь orfan на
20.12.2012 17:41, dan (ddp) пишет:
On Sun, Dec 16, 2012 at 2:20 PM, orfan wrote:
Where is ossec stores rootcheck's base?
What do you mean by rootcheck's base?
четверг, 13 декабря 2012 г., 22:18:04 UTC+4 пользователь orfan написал:
./rootcheck_control -i 004
Policy and auditing events fo
On Sun, Dec 16, 2012 at 2:20 PM, orfan wrote:
> Where is ossec stores rootcheck's base?
>
What do you mean by rootcheck's base?
> четверг, 13 декабря 2012 г., 22:18:04 UTC+4 пользователь orfan написал:
>>
>> ./rootcheck_control -i 004
>>
>> Policy and auditing events for agent 'venus (004) - 10
Where is ossec stores rootcheck's base?
четверг, 13 декабря 2012 г., 22:18:04 UTC+4 пользователь orfan написал:
>
> ./rootcheck_control -i 004
>
> Policy and auditing events for agent 'venus (004) - 10.0.0.3':
>
> Resolved events:
> 2012 Dec 08 03:14:03 (first time detected: 2012 Dec 08 03:14:0
./rootcheck_control -i 004
Policy and auditing events for agent 'venus (004) - 10.0.0.3':
Resolved events:
2012 Dec 08 03:14:03 (first time detected: 2012 Dec 08 03:14:03)
System Audit: System Audit: Possible backdoor. File:
/usr/home/www/mysite/htdocs/dumper.php.
Outstanding events:
2012 D
On Wed, Dec 12, 2012 at 10:07 AM, orfan wrote:
> Ossec don't send messages about system audit events. But I can see the
> events when run 'rootcheck_control -i XXX'. And there is no records about
> that events in alert.log file. It worked before, i recieved the email about
> system audit events f
Ossec don't send messages about system audit events. But I can see the
events when run 'rootcheck_control -i XXX'. And there is no records about
that events in alert.log file. It worked before, i recieved the email
about system audit events from ossec. I don't know why it not work now.
среда,
On Mon, Dec 10, 2012 at 10:12 AM, orfan wrote:
> I have ossec-hids-server-2.6_2.
>
>
> ossec
> rootcheck
> Rootcheck event.
> rootcheck,
>
>
> Decoded as "rootcheck", but i can't find rootcheck decoder in decoder.xml.
> Is it normal?
>
>
I believe that decoder is actually cod
I have ossec-hids-server-2.6_2.
ossec
rootcheck
Rootcheck event.
rootcheck,
Decoded as "rootcheck", but i can't find rootcheck decoder in decoder.xml.
Is it normal?
11 matches
Mail list logo