Is there a way with OSSEC to create a white list of packages that should be installed on my Red Hat server and create an ongoing alert that's triggered if an unauthorized package (non-white-list) is installed? My concern is if someone installs an unauthorized package and I miss the alert or the alert is cleared would the package be able to continue to run without any new alerts being generated? Can I use OSSEC in this test case or is there another tool I need to use? Thanks in advance for any advice.
-Shawn -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.