miles sakaguchi wrote: > yea, I know I posted this queastion before but I have no answer yet. > I'm still researching it. when ossec is installed as local what rules > get installed
All of the rules are installed. and what types of attacks are checked for? and can ossec > check for updated rules to download? all of the attacks that would be detected with a distributed architecture are detected with a stand-alone installation. The rules are only updated when new versions are released (if you choose to), but of course you can add your own rules in-between releases.
