[ossec-cvs] ossec-hids: make.bat (HEAD) setup-win.c (HEAD) [dcid]
- To: ossec-cvs@xxxxxxxxx
- Subject: [ossec-cvs] ossec-hids: make.bat (HEAD) setup-win.c (HEAD) [dcid]
- From: OSSEC CVS <cvs-commit@xxxxxxxxx>
- Date: Fri, 20 Jul 2007 23:53:24 -0300 (ADT)
- Content-transfer-encoding: 8bit
Module name: ossec-hids
Changes by: dcid 07/07/20 23:53:22
Modified files:
make.bat setup-win.c
Log message:
Description: fixing windows setup scripts.
Reviewed by: dcid
Bug:
Index: make.bat
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/win32/make.bat,v
diff -u -r1.18 -r1.19
--- make.bat 20 Jul 2007 00:19:27 -0000 1.18
+++ make.bat 21 Jul 2007 02:53:21 -0000 1.19
@@ -11,5 +11,3 @@
"C:\MinGW\bin\gcc.exe" -o add-localfile -Wall os_regex/*.c setup/add-localfile.c -I./
cd ui\
make
-cd ..
-copy ui\os_win32ui.exe os_win32ui.exe
Index: setup-win.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/win32/setup-win.c,v
diff -u -r1.34 -r1.35
--- setup-win.c 11 Jul 2007 23:27:31 -0000 1.34
+++ setup-win.c 21 Jul 2007 02:53:21 -0000 1.35
@@ -85,6 +85,8 @@
/* Getting Windows directory */
char *get_win_dir()
{
+ /* Ok, I should be getting %WINDIR% .. no reason to do that in here.
+ */
char *win_dir = "C:\\WINDOWS";
if(direxist(win_dir))
{
@@ -97,6 +99,12 @@
return(win_dir);
}
+ win_dir = "D:\\WINDOWS";
+ if(direxist(win_dir))
+ {
+ return(win_dir);
+ }
+
/* Default is WINDOWS */
return("C:\\WINDOWS");
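Review bot: Adding `D:\\WINDOWS` as a third hard-coded candidate still leaves get_win_dir() falling back to `C:\\WINDOWS` on any host whose system root is somewhere else, and a leftover directory with one of the probed names can be chosen even when it is not the running installation. The value returned here is passed to the updated syscheck template later in this file (`win_dir = get_win_dir();` ahead of the `<ignore>%s/...` lines) and presumably to the default `<directories>` template as well, so a wrong guess configures integrity monitoring for a tree that is not the live system, without any error. The comment added at the top of the function in the previous hunk already names the fix: ask the OS first, for example `static char buf[MAX_PATH]; UINT n = GetWindowsDirectory(buf, MAX_PATH); if(n > 0 && n < MAX_PATH) return(buf);`, and keep the directory probes only as a fallback. The function starts in the previous hunk and the lines between the two hunks are not visible here.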
@@ -120,7 +128,7 @@
"<!-- Default syscheck config -->\r\n"
"<ossec_config>\r\n"
" <syscheck>\r\n"
- " <frequency>43200</frequency>\r\n"
+ " <frequency>64800</frequency>\r\n"
" <directories check_all=\"yes\">"
"%s</directories>\r\n"
" </syscheck>\r\n"
@@ -284,33 +292,53 @@
char *win_dir;
FILE *fp;
+
+ /* Add syscheck config */
+ fp = fopen(OSSECCONF, "a");
+ if(!fp)
+ return(0);
+
+ /* We will also add rootcheck stuff if not present */
+ if(!dogrep(OSSECCONF, "<rootcheck>") && !dogrep(OSSECCONF,"windows_audit"))
+ {
+ fprintf(fp,
+ "\r\n"
+ "<!-- Rootcheck config -->\r\n"
+ "<ossec_config>\r\n"
+ " <rootcheck>\r\n"
+ " <windows_audit>./shared/win_audit_rcl.txt</windows_audit>\r\n"
+ " <windows_apps>./shared/win_applications_rcl.txt</windows_apps>\r\n"
+ " <windows_malware>./shared/win_malware_rcl.txt</windows_malware>\r\n"
+ " </rootcheck>\r\n"
+ "</ossec_config>\r\n"
+ );
+
+ }
+
+
/* We add here the last entry */
if(dogrep(OSSECCONF, "dllcache</ignore>"))
{
+ fclose(fp);
return(0);
}
/* Syscheck not configured, return */
if(!dogrep(OSSECCONF, "<syscheck>"))
{
+ fclose(fp);
return(0);
}
win_dir = get_win_dir();
-
- /* Add syscheck config */
- fp = fopen(OSSECCONF, "a");
- if(!fp)
- return(0);
-
fprintf(fp,
"\r\n"
"<!-- Updated syscheck config -->\r\n"
"<ossec_config>\r\n"
" <syscheck>\r\n"
- " <frequency>43200</frequency>\r\n"
+ " <frequency>64800</frequency>\r\n"
" <ignore>%s/System32/LogFiles</ignore>\r\n"
" <ignore>%s/system32/wbem/Logs</ignore>\r\n"
" <ignore>%s/Prefetch</ignore>\r\n"
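Review bot: The new rootcheck `fprintf(fp, ...)` appends to OSSECCONF without checking the result, and every path visible in this hunk returns 0, so a failed or partial write cannot be told apart from "nothing to do". A truncated `<ossec_config>` block in the agent configuration may stop the file from parsing, which would leave the host unmonitored after setup reports success. Checking `if(fprintf(fp, ...) < 0)` here and on the syscheck write below, plus the result of the final `fclose(fp)`, and reporting the failure would make that visible. Since `fopen` now runs before the two `dogrep` early returns, any other return path in the function must also close `fp`; the two shown here do, but the rest of the function lies outside the hunk.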
@@ -389,15 +417,6 @@
/* Look if syscheck is configured, if it is, update it */
config_registry();
config_syscheck();
-
-
- /* Call manage-agents if no key */
- if(!fileexist(CLIENTKEYS))
- {
- /* Run manage agents */
- snprintf(cmd, OS_MAXSTR, "manage_agents.exe");
- system(cmd);
- }
/* Run iis-logs here too */