On Tue, 26 May 2015, fi...@vivaldi.net wrote:
I just looked in the root of my OSSEC installation on Ubuntu and noticed
dozens of files with names like ossec-hosts.CMvJNMB8af.
What could those be and what's the effect, if any, of deleting them?
Those are temporary files created by the host-deny.sh script when it
flushes an address from /etc/hosts.deny. The temporary file is removed
upon normal completion of the script. When you stop (or restart) ossec do
you notice your system load skyrocketing for minutes at a time long after
the stop? Do you have many addresses listed in /etc/hosts.deny?
Antonio Querubin
e-mail: t...@lavanauts.org
xmpp: antonioqueru...@gmail.com