Dear Dan,
If I look into my ossec.conf I can see this both these
apache_rules.xml and web_appsec_rules.xml and I can see it monitors the
/var/log/httpd/error_log. What else do I need to check on ? Is monitoring
just fine or must I still create rules sorry I am newbie into this. Besides
that when will the rootkit check will be done on a period basic or launch
manually ?
On Wednesday, November 6, 2013 12:29:02 AM UTC+8, dan (ddpbsd) wrote:
>
> On Sun, Nov 3, 2013 at 12:51 PM, frwa onto <[email protected]<javascript:>>
> wrote:
> > Dear All,
> > I am new to ossec. I am still learning how it works just
> > wondering can it detect scraper activities because I have banned
> directory
> > traversing but I notice yet the scrapper manage to get to some of the
> > directories but got this error Directory index forbidden by Options
> > directive:
> >
>
> Are these logs being monitored by OSSEC? You should be able to create
> a rule looking for the log message.
>
> > --
> >
> > ---
> > You received this message because you are subscribed to the Google
> Groups
> > "ossec-list" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an
> > email to [email protected] <javascript:>.
> > For more options, visit https://groups.google.com/groups/opt_out.
>
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
