Excellent. And on Windows?
On Sunday, June 4, 2017 at 11:56:41 PM UTC+3, PG@Wazuh wrote:
>
> Hi.
>
> In linux clients, you can try chattr. Using attributes, you can set
> unchangeable flag to binaries and only append flag to configuration files
> (for example client.keys).
>
> $ man chattr
>
Hello,
I wanted to investigate the possibility of protecting the ossec agent from
being uninstalled and removed from clients. This has been a concern of
mine for a while. A scenario would be a piece of malware exploiting the
system using administrative privileges. In this case the ossec