Is there a way with OSSEC to create a white list of packages that should be
installed on my Red Hat server and create an ongoing alert that's triggered
if an unauthorized package (non-white-list) is installed? My concern is if
someone installs an unauthorized package and I miss the alert or the
y,
> you
>will see only alerts for packages which are not in the list.
>
> I hope it helps.
> Regards.
>
> On Wednesday, September 14, 2016 at 10:27:07 PM UTC+2, Shawn Wiley wrote:
>>
>> Is there a way with OSSEC to create a white list of packages that should
What I was trying to say...
Is there a way to install the OSSEC server package without the three GeoIP
packages? Also if I do not turn on the GeoIP functionality in the
ossec.conf file will the packages just sit dormant? I want to install the
least amount of additional packages to my web
Is there a way to the OSSEC server without the three GeoIP packages or at
least force the packages to not be used? I'd like to install the least
amount of additional packages to my web server as possible.
Thanks,
Shawn
--
---
You received this message because you are subscribed to the
I have a pair of Red Hat 6 servers which will be deployed "high risk"
internet facing. I'd like to install the OSSEC software to monitor for
changes to the server, root kits, and compliance checking. I have
successfully deployed OSSEC before as an agent talking back to an OSSEC
server but I
