That's not something encryption is going to help you with.
Thanks,
--
Daniel B. Cid
http://dcid.me
On Thu, Mar 22, 2012 at 6:16 PM, Michel Henrique Aquino Santos
michel@gmail.com wrote:
Hi,
an attacker can read the rules file and use any directory or file is not
monitored to carry out
: [ossec-list] Database and File rules encrypted?
Thanks for the reply. This is not good because it creates a vulnerability in
the system.
Att.
Em 22-03-2012 17:33, dan (ddp) escreveu:
Neither are encrypted in OSSEC.
On Thu, Mar 22, 2012 at 4:22 PM, Michel Henrique Aquino Santos
michel
: Thursday, March 22, 2012 15:52
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Database and File rules encrypted?
If an attacker managed to enter the machine and gain privileged access, it
can read the configuration files if the OSSEC installed as local. Thus, you
can use a directory
Hello,
I'm doing an paper on university study (Federal University of Lavras -
UFLA - www.ufla.br), comparing four tools for checking integrity of
files (Tripwire, OSSEC, AIDE and Samhain).
I need some information about the tool OSSEC.
The generated database (snapshot) is encrypted? The rules file
Neither are encrypted in OSSEC.
On Thu, Mar 22, 2012 at 4:22 PM, Michel Henrique Aquino Santos
michel@gmail.com wrote:
Hello,
I'm doing an paper on university study (Federal University of Lavras - UFLA
- www.ufla.br), comparing four tools for checking integrity of files
(Tripwire, OSSEC,
Thanks for the reply. This is not good because it creates a
vulnerability in the system.
Att.
Em 22-03-2012 17:33, dan (ddp) escreveu:
Neither are encrypted in OSSEC.
On Thu, Mar 22, 2012 at 4:22 PM, Michel Henrique Aquino Santos
michel@gmail.com wrote:
Hello,
I'm doing an paper on
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Database and File rules encrypted?
Thanks for the reply. This is not good because it creates a vulnerability in
the system.
Att.
Em 22-03-2012 17:33, dan (ddp) escreveu:
Neither are encrypted in OSSEC.
On Thu
From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] On
Behalf Of Michel Henrique Aquino Santos
Sent: Thursday, March 22, 2012 3:54 PM
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Database and File rules encrypted?
Thanks for the reply. This is not good
Hi,
an attacker can read the rules file and use any directory or file is not
monitored to carry out the attack.
Em 22-03-2012 18:04, Castle, Shane escreveu:
Just what is this vulnerability, specifically?
--
Att,
*Michel Henrique Aquino Santos*
Bacharelado em Ciência da Computação
*From:*ossec-list@googlegroups.com
[mailto:ossec-list@googlegroups.com] *On Behalf Of *Michel Henrique
Aquino Santos
*Sent:* Thursday, March 22, 2012 3:54 PM
*To:* ossec-list@googlegroups.com
*Subject:* Re: [ossec-list] Database and File rules
[mailto:ossec-list@googlegroups.com] On
Behalf Of Michel Henrique Aquino Santos
Sent: Thursday, March 22, 2012 15:52
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Database and File rules encrypted?
If an attacker managed to enter the machine and gain privileged access, it can
read
11 matches
Mail list logo