[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-dev] Re: an idea?

To: ossec-dev@xxxxxxxxxxxxxxxx
Subject: [ossec-dev] Re: an idea?
From: Brad Lhotsky <lhotskyb@xxxxxxxxxxxx>
Date: Wed, 06 Jun 2007 09:44:02 -0400
Content-transfer-encoding: 7bit

for RPM based systems (and from my perspective), rpm -ql packagename vs
the changes would severely limit the number of false positives.

Patrick Roelke wrote:
> 
> I think the idea has been raised before. I believe the consensus is it
> was difficult to implement as it was difficult to discern what yum was
> doing versus something malicious.
> 
> 
> On 6/5/07, Brad Lhotsky <lhotskyb@xxxxxxxxxxxx> wrote:

-- 
Brad Lhotsky                            <lhotskyb@xxxxxxxxxxxx>
NCTS Computer Specialist                    Phone: 410.558.8006
"Darkness is a state of mind, I can go where you would stumble."
 -Wolfsheim, 'Blind'

References:
- [ossec-dev] an idea?
  - From: Brad Lhotsky
- [ossec-dev] Re: an idea?
  - From: Patrick Roelke

Prev by Date: [ossec-dev] Re: an idea?
Next by Date: [ossec-dev] Remote log injection paper
Previous by thread: [ossec-dev] Re: an idea?
Next by thread: [ossec-dev] Remote log injection paper
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.