,
Marco
--
Marco Bonetti
Tor research and other stuff: http://sid77.slackware.it/
Slackintosh Linux Project Developer: http://workaround.ch/
Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/
My GnuPG key id: 0x0B60BC5F
permissions to anyone.
How do I test my local rules against this event? I tried to feed the reported
Portion of the log(s): to ossec-logtest but it doesn't trigger. My current
solution is to trigger a rootchek but I'm not liking it very much, any other
ideas?
Ciao,
Marco
--
Marco Bonetti
Tor
ok, thank you!
--
Marco Bonetti
Tor research and other stuff: http://sid77.slackware.it/
Slackintosh Linux Project Developer: http://workaround.ch/
Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/
My GnuPG key id: 0x0B60BC5F
like srcuser from the report tool?
Thanks in advance,
Marco
--
Marco Bonetti
Tor research and other stuff: http://sid77.slackware.it/
Slackintosh Linux Project Developer: http://workaround.ch/
Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/
My GnuPG key id: 0x0B60BC5F