From 5cde0e0520c72804b6eac8f08d976db777d7ba04 Mon Sep 17 00:00:00 2001
From: Dominik Lisiak <dominik.lisiak@bemsoft.pl>
Date: Fri, 26 Oct 2018 18:45:19 +0200
Subject: Added CIS benchmarks. Improved profiles.

---
 .../files/template-rootcheck-basic.xml.in          | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in

(limited to 'security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in')

diff --git a/security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in b/security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in
new file mode 100644
index 0000000..37c2166
--- /dev/null
+++ b/security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<template_config os="FreeBSD" profile="%%ROOTCHECK_BASIC_PROFILE%%">
+
+  <rootcheck>
+    <rootkit_files>%%OSSEC_HOME%%/etc/shared/rootkit_files.txt</rootkit_files>
+    <rootkit_trojans>%%OSSEC_HOME%%/etc/shared/rootkit_trojans.txt</rootkit_trojans>
+    <system_audit>%%OSSEC_HOME%%/etc/shared/system_audit_rcl.txt</system_audit>
+    <system_audit>%%OSSEC_HOME%%/etc/shared/system_audit_ssh.txt</system_audit>
+  </rootcheck>
+
+</template_config>
+
+<template_config os="Linux" profile="%%ROOTCHECK_BASIC_PROFILE%%">
+
+  <rootcheck>
+    <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
+    <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
+    <system_audit>/var/ossec/etc/shared/system_audit_rcl.txt</system_audit>
+    <system_audit>/var/ossec/etc/shared/system_audit_ssh.txt</system_audit>
+  </rootcheck>
+
+</template_config>
-- 
cgit v1.2.3