Re: [ossec-list] Database and File rules encrypted?

That's not something encryption is going to help you with. Thanks, -- Daniel B. Cid http://dcid.me On Thu, Mar 22, 2012 at 6:16 PM, Michel Henrique Aquino Santos michel@gmail.com wrote: Hi, an attacker can read the rules file and use any directory or file is not monitored to carry out

Re: [ossec-list] Database and File rules encrypted?

: [ossec-list] Database and File rules encrypted? Thanks for the reply. This is not good because it creates a vulnerability in the system. Att. Em 22-03-2012 17:33, dan (ddp) escreveu: Neither are encrypted in OSSEC. On Thu, Mar 22, 2012 at 4:22 PM, Michel Henrique Aquino Santos michel

Re: [ossec-list] Database and File rules encrypted?

: Thursday, March 22, 2012 15:52 To: ossec-list@googlegroups.com Subject: Re: [ossec-list] Database and File rules encrypted? If an attacker managed to enter the machine and gain privileged access, it can read the configuration files if the OSSEC installed as local. Thus, you can use a directory

[ossec-list] Database and File rules encrypted?

Hello, I'm doing an paper on university study (Federal University of Lavras - UFLA - www.ufla.br), comparing four tools for checking integrity of files (Tripwire, OSSEC, AIDE and Samhain). I need some information about the tool OSSEC. The generated database (snapshot) is encrypted? The rules file

Re: [ossec-list] Database and File rules encrypted?

Neither are encrypted in OSSEC. On Thu, Mar 22, 2012 at 4:22 PM, Michel Henrique Aquino Santos michel@gmail.com wrote: Hello, I'm doing an paper on university study (Federal University of Lavras - UFLA - www.ufla.br), comparing four tools for checking integrity of files (Tripwire, OSSEC,

Re: [ossec-list] Database and File rules encrypted?

Thanks for the reply. This is not good because it creates a vulnerability in the system. Att. Em 22-03-2012 17:33, dan (ddp) escreveu: Neither are encrypted in OSSEC. On Thu, Mar 22, 2012 at 4:22 PM, Michel Henrique Aquino Santos michel@gmail.com wrote: Hello, I'm doing an paper on

RE: [ossec-list] Database and File rules encrypted?

To: ossec-list@googlegroups.com Subject: Re: [ossec-list] Database and File rules encrypted? Thanks for the reply. This is not good because it creates a vulnerability in the system. Att. Em 22-03-2012 17:33, dan (ddp) escreveu: Neither are encrypted in OSSEC. On Thu

RE: [ossec-list] Database and File rules encrypted?

From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] On Behalf Of Michel Henrique Aquino Santos Sent: Thursday, March 22, 2012 3:54 PM To: ossec-list@googlegroups.com Subject: Re: [ossec-list] Database and File rules encrypted? Thanks for the reply. This is not good

Re: [ossec-list] Database and File rules encrypted?

Hi, an attacker can read the rules file and use any directory or file is not monitored to carry out the attack. Em 22-03-2012 18:04, Castle, Shane escreveu: Just what is this vulnerability, specifically? -- Att, *Michel Henrique Aquino Santos* Bacharelado em Ciência da Computação

Re: [ossec-list] Database and File rules encrypted?

*From:*ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] *On Behalf Of *Michel Henrique Aquino Santos *Sent:* Thursday, March 22, 2012 3:54 PM *To:* ossec-list@googlegroups.com *Subject:* Re: [ossec-list] Database and File rules

RE: [ossec-list] Database and File rules encrypted?

[mailto:ossec-list@googlegroups.com] On Behalf Of Michel Henrique Aquino Santos Sent: Thursday, March 22, 2012 15:52 To: ossec-list@googlegroups.com Subject: Re: [ossec-list] Database and File rules encrypted? If an attacker managed to enter the machine and gain privileged access, it can read