came across this -
http://www.ossec.net/files/ossec-hids-2.7-release-note.txt
=== Rootcheck
== support rootcheck fine-grain configuration control -- yes/no of
individual checks
- etc/ossec.conf
<ossec_config>
<rootcheck>
<!-- new options to run on/off individual rootchecks,
yes(default)/no -->
<check_files>yes</check_files>
<check_trojans>yes</check_trojans>
<check_unixaudit>yes</check_unixaudit>
<check_dev>yes</check_dev>
<check_sys>yes</check_sys>
<check_ports>yes</check_ports>
<check_if>yes</check_if>
<check_pids>yes</check_pids>
</rootcheck>
</ossec_config>
'll check if its supported on v2.9.2 as well.
Thanks,
Anoop
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
