I tested it and it works. OSSEC does not throw any errors. However, you will have to make sense of the alerts it generates.
On Mon, Apr 23, 2012 at 8:34 AM, dan (ddp) <[email protected]> wrote: > I don't see why not. A lot of it might be ignored by default since on > some systems /dev is fairly dynamic. > > 2012/4/20 Michel Henrique Aquino Santos <[email protected]>: > > Hi, the OSSEC can check the directory /dev > > > > rule: > > > > ... > > <directories check_all="yes">/dev</directories> > > ... > > > > Thanks! > > -- > > Att, > > > > Michel Henrique Aquino Santos > > Bacharelado em Ciência da Computação > > Universidade Federal de Lavras - UFLA > > Skype: michel_has > > Gtalk: michel.has > > [email protected] > > > > Linux User # 496756 > > > > http://resolvidoslinux.blogspot.com/ >
