[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] Re: very interesting reading

To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] Re: very interesting reading
From: "Daniel Cid" <daniel.cid@xxxxxxxxx>
Date: Fri, 28 Jul 2006 20:40:31 -0300
Content-disposition: inline
Content-transfer-encoding: 7bit


Thanks for the link. Looking at that tests, these are ossec results:

Version 0.9
Date Jul 25/2006 	
PGP Signature YES
Language C
Required none 	
Log Options stdout,syslog and ossec-server
DB sign/crypt no (stored externally)
Conf sign/crypt no (stored externally)
Name Expansion (directories or files)
Duplicate Path NO
PATH_MAX OK
Root Inode OK
Non-printable OK
No User OK
No Group OK
Lock Hangs
Race Hangs
/proc OK
/dev OK
Crea/Del OK

To be OK in all the tests, we will need to add some options to timeout
if the read
calls are taking too longer and check for duplicated directories.
However, mandatory file locking is not by default on Linux (or any
other Unix) and the named pipe issue is
not very probable (since ossec does not monitor file owned by users)...

*we will fix all of that for next version.

--
Daniel B. Cid
dcid ( at ) ossec.net

On 7/28/06, Meir Michanie <meirgotroot@xxxxxxxxx> wrote:

http://www.la-samhna.de/library/scanners.html

if ppl working on OSSEC can assimilate knowledge from it and implement it in
OSSEC we should all benefit

References:
- [ossec-list] very interesting reading
  - From: Meir Michanie

Prev by Date: [ossec-list] very interesting reading
Next by Date: [ossec-list] Re: Agent run slow on windows
Previous by thread: [ossec-list] very interesting reading
Next by thread: [ossec-list] Re: Agent run slow on windows
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.