Hi Serge, The idea behind ossec's agent/server architecture is that by keeping the integrity check databases and main configuration files on the server side, If any of the agents are compromised, the central server will not be affected (and all your logs, configs and dbs will be intact). That's how we check that the db wasn't modified...
hope it helps. -- Daniel B. Cid dcid ( at ) ossec.net On 5/24/07, Serge Dubrouski <[EMAIL PROTECTED]> wrote: > > Hello - > > Does OSSEC support a digital signatures for configuration files and > integrity check databases? How does it make sure that DBs with > checksums weren't compromised from the last check? > > Thanks. >
