From 495280d9dc4ff5efd555f50e65a120df1b780003 Mon Sep 17 00:00:00 2001 From: Dominik Lisiak Date: Sat, 13 Oct 2018 20:51:51 +0200 Subject: Initial commit for version 3.0.0 --- security/ossec-hids-local-config/opt-syscheck.mk | 41 ++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 security/ossec-hids-local-config/opt-syscheck.mk (limited to 'security/ossec-hids-local-config/opt-syscheck.mk') diff --git a/security/ossec-hids-local-config/opt-syscheck.mk b/security/ossec-hids-local-config/opt-syscheck.mk new file mode 100644 index 0000000..2c1210d --- /dev/null +++ b/security/ossec-hids-local-config/opt-syscheck.mk @@ -0,0 +1,41 @@ +SYSCHECK_MANAGED_CONF= 130.syscheck.conf +SYSCHECK_LOCAL_CONF= 530.syscheck.local.conf + +SYSCHECK_PROFILE= syscheck +SYSCHECK_DESC= File Integrity Checking + +# Default direcotries +SYSCHECK_DEFAULT_OPTION= DEFAULT_SC +SYSCHECK_DEFAULT_DESC= Check "bin", "sbin" and "etc" directories +SYSCHECK_DEFAULT_DEFINE= server local agent pushed +SYSCHECK_DEFAULT_DEFAULT= server local pushed +SYSCHECK_OPTIONS+= SYSCHECK_DEFAULT + +# OSSEC directories +SYSCHECK_OSSEC_OPTION= OSSEC_SC +SYSCHECK_OSSEC_DESC= Check OSSEC directories +SYSCHECK_OSSEC_DEFINE= server local agent pushed +SYSCHECK_OSSEC_DEFAULT= server local pushed +SYSCHECK_OPTIONS+= SYSCHECK_OSSEC + +# Alert new files +SYSCHECK_NEWFILES_OPTION= NEWFILES_SC +SYSCHECK_NEWFILES_DESC= Alert on new files created +SYSCHECK_NEWFILES_DEFINE= server local +SYSCHECK_NEWFILES_DEFAULT= server local +SYSCHECK_OPTIONS+= SYSCHECK_NEWFILES + +# Disable auto_ignore +SYSCHECK_NOAUTO_OPTION= NOAUTO_SC +SYSCHECK_NOAUTO_DESC= Disable auto_ignore feature +SYSCHECK_NOAUTO_DEFINE= server local +SYSCHECK_NOAUTO_DEFAULT= server local +SYSCHECK_OPTIONS+= SYSCHECK_NOAUTO + +# Ignore /etc/hosts.allow +SYSCHECK_HOSTDENY_DEPENDS= AR_HOSTDENY +SYSCHECK_HOSTDENY_OPTION= HOSTDENY_SC +SYSCHECK_HOSTDENY_DESC= Ignore access control files +SYSCHECK_HOSTDENY_DEFINE= server local agent pushed +SYSCHECK_HOSTDENY_DEFAULT= server local pushed +SYSCHECK_OPTIONS+= SYSCHECK_HOSTDENY -- cgit v1.2.3