Diffstat (limited to 'security/ossec-hids-local-config/files')
10 files changed, 41 insertions, 15 deletions
diff --git a/security/ossec-hids-local-config/files/template-logs-default.xml.in b/security/ossec-hids-local-config/files/template-logs-system.xml.in index 47b9a77..eee09aa 100644 --- a/security/ossec-hids-local-config/files/template-logs-default.xml.in +++ b/security/ossec-hids-local-config/files/template-logs-system.xml.in @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> -<template_config os="FreeBSD" profile="%%LOGS_DEFAULT_PROFILE%%"> +<template_config os="FreeBSD" profile="%%LOGS_SYSTEM_PROFILE%%"> <localfile> <log_format>syslog</log_format> @@ -33,7 +33,7 @@ </template_config> -<template_config os="Linux" profile="%%LOGS_DEFAULT_PROFILE%%"> +<template_config os="Linux" profile="%%LOGS_SYSTEM_PROFILE%%"> <localfile> <log_format>syslog</log_format> diff --git a/security/ossec-hids-local-config/files/template-rootcheck-default.xml.in b/security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in index 63e5f1e..37c2166 100644 --- a/security/ossec-hids-local-config/files/template-rootcheck-default.xml.in +++ b/security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> -<template_config os="FreeBSD" profile="%%ROOTCHECK_PROFILE%%"> +<template_config os="FreeBSD" profile="%%ROOTCHECK_BASIC_PROFILE%%"> <rootcheck> <rootkit_files>%%OSSEC_HOME%%/etc/shared/rootkit_files.txt</rootkit_files> @@ -10,14 +10,13 @@ </template_config> -<template_config os="Linux" profile="%%ROOTCHECK_PROFILE%%"> +<template_config os="Linux" profile="%%ROOTCHECK_BASIC_PROFILE%%"> <rootcheck> <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files> <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans> <system_audit>/var/ossec/etc/shared/system_audit_rcl.txt</system_audit> <system_audit>/var/ossec/etc/shared/system_audit_ssh.txt</system_audit> - <system_audit>/var/ossec/etc/shared/cis_debian_linux_rcl.txt</system_audit> </rootcheck> </template_config> 
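Review bot: Dropping `cis_debian_linux_rcl.txt` from the Linux block in the second hunk of template-rootcheck-basic.xml.in means a Linux agent that only carries the renamed basic profile no longer runs the CIS audit, and nothing in the template says where that check went. The entry reappears in the new template-rootcheck-cis.xml.in under `%%ROOTCHECK_CIS_PROFILE%%`, so existing installs presumably need that profile assigned as well to keep the same audit coverage. I would leave a pointer where the line was removed, e.g. `<!-- CIS audit moved to template-rootcheck-cis.xml.in (profile %%ROOTCHECK_CIS_PROFILE%%) -->`. Separately, the Linux block keeps hard-coded `/var/ossec` paths while the FreeBSD block uses `%%OSSEC_HOME%%`; if that is deliberate because the paths describe the remote agent's layout, a one-line comment saying so would help.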
diff --git a/security/ossec-hids-local-config/files/template-rootcheck-cis-l1.xml.in b/security/ossec-hids-local-config/files/template-rootcheck-cis-l1.xml.in new file mode 100644 index 0000000..1b2f20c --- /dev/null +++ b/security/ossec-hids-local-config/files/template-rootcheck-cis-l1.xml.in @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<template_config os="Linux" profile="%%ROOTCHECK_CIS_L1_PROFILE%%"> + + <rootcheck> + <system_audit>/var/ossec/etc/shared/cis_debianlinux7-8_L1_rcl.txt</system_audit> + </rootcheck> + +</template_config> diff --git a/security/ossec-hids-local-config/files/template-rootcheck-cis-l2.xml.in b/security/ossec-hids-local-config/files/template-rootcheck-cis-l2.xml.in new file mode 100644 index 0000000..d156887 --- /dev/null +++ b/security/ossec-hids-local-config/files/template-rootcheck-cis-l2.xml.in @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<template_config os="Linux" profile="%%ROOTCHECK_CIS_L2_PROFILE%%"> + + <rootcheck> + <system_audit>/var/ossec/etc/shared/cis_debianlinux7-8_L2_rcl.txt</system_audit> + </rootcheck> + +</template_config> diff --git a/security/ossec-hids-local-config/files/template-rootcheck-cis.xml.in b/security/ossec-hids-local-config/files/template-rootcheck-cis.xml.in new file mode 100644 index 0000000..0640be7 --- /dev/null +++ b/security/ossec-hids-local-config/files/template-rootcheck-cis.xml.in @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<template_config os="Linux" profile="%%ROOTCHECK_CIS_PROFILE%%"> + + <rootcheck> + <system_audit>/var/ossec/etc/shared/cis_debian_linux_rcl.txt</system_audit> + </rootcheck> + +</template_config> diff --git a/security/ossec-hids-local-config/files/template-syscheck-default.xml.in b/security/ossec-hids-local-config/files/template-syscheck-basic.xml.in index 78ae8f8..516b921 100644 --- a/security/ossec-hids-local-config/files/template-syscheck-default.xml.in +++ b/security/ossec-hids-local-config/files/template-syscheck-basic.xml.in 
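Review bot: The three new rootcheck templates (cis-l1, cis-l2 and cis) match every agent with `os="Linux"`, but the policies they load are Debian-specific by name (`cis_debianlinux7-8_L1_rcl.txt`, `cis_debianlinux7-8_L2_rcl.txt`, `cis_debian_linux_rcl.txt`). Each file should open with a comment stating which distribution and release the policy targets and that the profile is meant for those agents only, e.g. `<!-- CIS Debian 7/8 Level 1 audit; assign this profile to Debian agents only -->`. It is also worth confirming that the agent packages in use ship these files under `/var/ossec/etc/shared`, since the diff does not show what rootcheck does when a `system_audit` path is missing.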
@@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> -<template_config os="FreeBSD" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="FreeBSD" profile="%%SYSCHECK_BASIC_PROFILE%%"> <syscheck> <directories realtime="yes" check_all="yes">/bin,/sbin,/usr/bin,/usr/sbin,%%PREFIX%%/bin,%%PREFIX%%/sbin</directories> @@ -8,7 +8,7 @@ </template_config> -<template_config os="Linux" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="Linux" profile="%%SYSCHECK_BASIC_PROFILE%%"> <syscheck> <directories realtime="yes" check_all="yes">/bin,/sbin,/usr/bin,/usr/sbin,/usr/local/bin,/usr/local/sbin</directories> diff --git a/security/ossec-hids-local-config/files/template-syscheck-hostdeny.xml.in b/security/ossec-hids-local-config/files/template-syscheck-hostdeny.xml.in index f35f4d5..07f278d 100644 --- a/security/ossec-hids-local-config/files/template-syscheck-hostdeny.xml.in +++ b/security/ossec-hids-local-config/files/template-syscheck-hostdeny.xml.in @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> -<template_config os="FreeBSD" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="FreeBSD"> <syscheck> <ignore>/etc/hosts.allow</ignore> @@ -7,7 +7,7 @@ </template_config> -<template_config os="Linux" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="Linux"> <syscheck> <ignore>/etc/hosts.deny</ignore> diff --git a/security/ossec-hids-local-config/files/template-syscheck-newfiles.xml.in b/security/ossec-hids-local-config/files/template-syscheck-newfiles.xml.in index 7a303e5..eee5915 100644 --- a/security/ossec-hids-local-config/files/template-syscheck-newfiles.xml.in +++ b/security/ossec-hids-local-config/files/template-syscheck-newfiles.xml.in @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> -<template_config os="FreeBSD" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="FreeBSD"> <syscheck> <alert_new_files>yes</alert_new_files> 
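Review bot: With the `profile` attribute removed in both hunks of template-syscheck-hostdeny.xml.in, the `<ignore>` entries for `/etc/hosts.allow` (FreeBSD) and `/etc/hosts.deny` (Linux) are no longer tied to a syscheck profile. These are TCP-wrappers access-control files, so changes to them stop producing integrity alerts wherever the template applies. The file name suggests the exclusion exists because the host-deny active response rewrites these files, but the template does not say so; I would add `<!-- ignored because the host-deny active response edits this file; enable only where that response is in use -->` above each `<ignore>`. How a `template_config` without `profile` is matched is not visible in this diff, so please confirm it does not become the default for every agent of that OS. The same attribute removal appears in template-syscheck-newfiles.xml.in and template-syscheck-noauto.xml.in, where it only adds alerting, and both `<syscheck>` blocks here continue outside the hunks.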
@@ -7,7 +7,7 @@ </template_config> -<template_config os="Linux" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="Linux"> <syscheck> <alert_new_files>yes</alert_new_files> diff --git a/security/ossec-hids-local-config/files/template-syscheck-noauto.xml.in b/security/ossec-hids-local-config/files/template-syscheck-noauto.xml.in index 03f5943..b71e1ae 100644 --- a/security/ossec-hids-local-config/files/template-syscheck-noauto.xml.in +++ b/security/ossec-hids-local-config/files/template-syscheck-noauto.xml.in @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> -<template_config os="FreeBSD" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="FreeBSD"> <syscheck> <auto_ignore>no</auto_ignore> @@ -7,7 +7,7 @@ </template_config> -<template_config os="Linux" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="Linux"> <syscheck> <auto_ignore>no</auto_ignore> diff --git a/security/ossec-hids-local-config/files/template-syscheck-ossec.xml.in b/security/ossec-hids-local-config/files/template-syscheck-ossec.xml.in index 8342f63..42911ef 100644 --- a/security/ossec-hids-local-config/files/template-syscheck-ossec.xml.in +++ b/security/ossec-hids-local-config/files/template-syscheck-ossec.xml.in @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> -<template_config os="FreeBSD" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="FreeBSD" profile="%%SYSCHECK_OSSEC_PROFILE%%"> <syscheck> <directories realtime="yes" check_all="yes">%%OSSEC_SYSCHECK_BIN_DIRS%%</directories> @@ -8,7 +8,7 @@ </template_config> -<template_config os="Linux" profile="%%SYSCHECK_PROFILE%%"> +<template_config os="Linux" profile="%%SYSCHECK_OSSEC_PROFILE%%"> <syscheck> <directories realtime="yes" check_all="yes">/var/ossec/bin,/var/ossec/active-response,/var/ossec/agentless</directories> |