Re: [ossec-list] Protect Ossec from being uninstalled

Hi, Im not sure, after searching on Google, you have interesting articles with many options, for example: http://windowsreport.com/protect-files-deletion-windows-10/ Please, try and share with us your findings. Best regards, —PG -- --- You received this message because you are

Re: [ossec-list] Protect Ossec from being uninstalled

Excellent. And on Windows? On Sunday, June 4, 2017 at 11:56:41 PM UTC+3, PG@Wazuh wrote: > > Hi. > > In linux clients, you can try chattr. Using attributes, you can set > unchangeable flag to binaries and only append flag to configuration files > (for example client.keys). > > $ man chattr >

[ossec-list] How to know when syscheck agent finishes a scan?

I just started to use ossec, and was doing some testing by making some changes in a file in a directory, and then I run from the server: /var/ossec/bin/agent_control -r -a if I do a query on the agent: /var/ossec/bin/agent_control -i 1027 It will show last time it started but never

Re: [ossec-list] OSSEC windows agent on non-English Windows

On icaclc you can use shoter form: system("icacls * /T /grant \"*S-1-5-32-544:F\""); or: system("icacls * /Q /T /grant \"*S-1-5-32-544:F\""); "echo y|" is unnecessary, but I don't tested it yet. -- --- You received this message because you are subscribed to the Google Groups "ossec-list"

[ossec-list] Re: Email Notification using msmtp..

Hi Rakesh, In case that your SMTP server has authentication (like Gmail), it is necessary to configure a server relay because OSSEC does not support it