[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] Re: Where signatures are stored

To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] Re: Where signatures are stored
From: gentuxx <gentuxx@xxxxxxxxx>
Date: Tue, 05 Sep 2006 20:53:58 -0700
Content-transfer-encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Forrest Aldrich wrote:
> 
> I'm newly installing OSSEC on some production systems.
> 
> Trying to understand when OSSEC creates signatures of the system
> binaries and where this is stored (agent and server).
> 
> Or is this something I must configure it to do, apart from the stock
> configuration (out-of-the-box), which I plan on tweaking later.
> 
> 
> Thanks.
> 
> 
I assume you're talking about hashing of files and where the hashes are
stored.  This is accomplished by the syscheck daemon.  Check the
/var/ossec/queue/syscheck directory.  This should have files for the
server and each agent.  The hashes are stored there, but I don't know
why you would want to be able to access them outside of OSSEC.

- --
gentux
echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge'

gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239  D840 4CF0 39E2
18D3 4A9E
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE/kZWTPA54hjTSp4RAnqDAJ4jD5yeBmXPqvmxSqwKyUPpFFWPywCfSSyn
+A0XYkMOq/Bp9BsvkizpwZ4=
=GFq9
-----END PGP SIGNATURE-----

References:
- [ossec-list] Where signatures are stored
  - From: Forrest Aldrich

Prev by Date: [ossec-list] Re: /etc/client.keys not found
Next by Date: [ossec-list] Re: /etc/client.keys not found
Previous by thread: [ossec-list] Where signatures are stored
Next by thread: [ossec-list] /etc/client.keys not found
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.