{"id":120,"date":"2009-04-13T21:43:00","date_gmt":"2009-04-13T21:43:00","guid":{"rendered":"https:\/\/defragged.org\/ossec\/?p=120"},"modified":"2020-07-02T21:44:03","modified_gmt":"2020-07-02T21:44:03","slug":"integrity-checking-application-profiles","status":"publish","type":"post","link":"https:\/\/defragged.org\/ossec\/2009\/04\/integrity-checking-application-profiles\/","title":{"rendered":"Integrity checking application profiles"},"content":{"rendered":"\n<p>We are trying to make&nbsp;<em>syscheck<\/em>&nbsp;(the integrity checking module on ossec) more useful than what it is now and we are looking for contributions to create application profiles. What we are looking exactly is a list of files\/directories (or registry entries) per application to be added to&nbsp;<a href=\"http:\/\/www.ossec.net\/\">ossec<\/a>.<\/p>\n\n\n\n<p>For example, files used by&nbsp;<strong>qmail<\/strong>:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>\/var\/qmail\/control\/<br>\/var\/qmail\/rc<\/p><\/blockquote>\n\n\n\n<p>by&nbsp;<strong>Named<\/strong>:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>\/var\/named\/chroot\/etc<br>\/var\/named\/data\/<\/p><\/blockquote>\n\n\n\n<p>By&nbsp;<strong>Apache<\/strong>:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>\/var\/www\/htdocs\/<\/p><\/blockquote>\n\n\n\n<p>A few more is on the wiki:&nbsp;<a href=\"http:\/\/www.ossec.net\/wiki\/index.php\/Dev:Syscheck\">http:\/\/www.ossec.net\/wiki\/index.php\/Dev:Syscheck<\/a><\/p>\n\n\n\n<p>We need that for Windows and Unix applications (including IIS, Anti virus, etc), open source and commercial\u2026 Any feedback is more than welcome.<\/p>\n\n\n\n<p><em>*You can add on your own to the wiki or just reply in here..<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We are trying to make&nbsp;syscheck&nbsp;(the integrity checking module on ossec) more useful than what it is now and we are looking for contributions to create application profiles. What we are looking exactly is a list of files\/directories (or registry entries) per application to be added to&nbsp;ossec. For example, files used by&nbsp;qmail: \/var\/qmail\/control\/\/var\/qmail\/rc by&nbsp;Named: \/var\/named\/chroot\/etc\/var\/named\/data\/ By&nbsp;Apache: [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/120"}],"collection":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/comments?post=120"}],"version-history":[{"count":1,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/120\/revisions"}],"predecessor-version":[{"id":121,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/120\/revisions\/121"}],"wp:attachment":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/media?parent=120"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/categories?post=120"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/tags?post=120"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}