On 26.06.2013 06:43, Andy wrote:
I went through similar a long time ago, ripped a few hundred rules
for
several Cisco families, then realised that OSSEC is an IDS not a
system admin tool for when a PSU faile...
..though, Security triad = CIA . where A = availability.. hhmm
Exactly. Although it certainly doesn't hurt to review the rules we have
to ensure that we have coverage of the good stuff. That and the decoder.
I have made some ASA decoder changes recently that are important since
sometimes the IP wasn't being decoded.
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
