Re: [ossec-list] Errors with telnet.exe binary under Windows 2008 R2

Sat, 25 Aug 2012 14:15:14 -0700 

On 08/25/2012 09:17 PM, Ryan Schulze wrote:

forward slash, backslash problem ?

'C:\Windows/System32/telnet.exe' != 'C:\Windows\System32\telnet.exe'
Nop, because all other binaries are checked right and are coded in the same way:
2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\config.sys'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/at.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/attrib.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/cacls.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/eventcreate.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/ftp.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/net.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/net1.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/netsh.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/reg.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/regedit.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/regedt32.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/regsvr32.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/runas.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/sc.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/subst.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/telnet.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/tftp.exe'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Windows/System32/drivers/etc'. 2012/08/25 17:46:01 ossec-agent: INFO: Monitoring directory: 'C:\Documents and Settings/All Users/Start Menu/Programs/Startup' 




--
CL Martinez
carlopmart {at} gmail {d0t} com

Reply via email to