Lines 1-18
Link Here
|
1 |
@info(root,ossec,0750) /var/ossec/active-response/bin/default-firewall-drop.sh |
|
|
2 |
@info(root,ossec,0750) /var/ossec/active-response/bin/disable-account.sh |
3 |
@info(root,ossec,0750) /var/ossec/active-response/bin/firewalld-drop.sh |
4 |
@info(root,ossec,0750) /var/ossec/active-response/bin/host-deny.sh |
5 |
@info(root,ossec,0750) /var/ossec/active-response/bin/ip-customblock.sh |
6 |
@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw.sh |
7 |
@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw_mac.sh |
8 |
@info(root,ossec,0750) /var/ossec/active-response/bin/kaspersky.sh |
9 |
@info(root,ossec,0750) /var/ossec/active-response/bin/npf.sh |
10 |
@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-slack.sh |
11 |
@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-tweeter.sh |
12 |
@info(root,ossec,0750) /var/ossec/active-response/bin/pf.sh |
13 |
@info(root,ossec,0750) /var/ossec/active-response/bin/restart-ossec.sh |
14 |
@info(root,ossec,0750) /var/ossec/active-response/bin/restart.sh |
15 |
@info(root,ossec,0750) /var/ossec/active-response/bin/route-null.sh |
16 |
@info(root,ossec,0750) /var/ossec/agentless/main.exp |
1 |
@info(root,ossec,0750) /var/ossec/agentless/main.exp |
17 |
@info(root,ossec,0750) /var/ossec/agentless/register_host.sh |
2 |
@info(root,ossec,0750) /var/ossec/agentless/register_host.sh |
18 |
@info(root,ossec,0750) /var/ossec/agentless/ssh.exp |
3 |
@info(root,ossec,0750) /var/ossec/agentless/ssh.exp |
Lines 27-65
Link Here
|
27 |
@info(root,ossec,0750) /var/ossec/agentless/su.exp |
12 |
@info(root,ossec,0750) /var/ossec/agentless/su.exp |
28 |
@info(root,root,0750) /var/ossec/bin/agent-auth |
13 |
@info(root,root,0750) /var/ossec/bin/agent-auth |
29 |
@info(root,root,0750) /var/ossec/bin/manage_agents |
14 |
@info(root,root,0750) /var/ossec/bin/manage_agents |
30 |
@info(root,root,0750) /var/ossec/bin/ossec-agentd |
15 |
@info(root,root,0750) /var/ossec/bin/wazuh-agentd |
31 |
@info(root,root,0750) /var/ossec/bin/ossec-control |
16 |
@info(root,root,0750) /var/ossec/bin/wazuh-control |
32 |
@info(root,root,0750) /var/ossec/bin/ossec-execd |
17 |
@info(root,root,0750) /var/ossec/bin/wazuh-execd |
33 |
@info(root,root,0750) /var/ossec/bin/ossec-logcollector |
18 |
@info(root,root,0750) /var/ossec/bin/wazuh-logcollector |
34 |
@info(root,root,0750) /var/ossec/bin/ossec-syscheckd |
|
|
35 |
@info(root,root,0750) /var/ossec/bin/util.sh |
36 |
@info(root,root,0750) /var/ossec/bin/wazuh-modulesd |
19 |
@info(root,root,0750) /var/ossec/bin/wazuh-modulesd |
|
|
20 |
@info(root,root,0750) /var/ossec/bin/wazuh-syscheckd |
37 |
@info(root,ossec,0640) /var/ossec/etc/client.keys |
21 |
@info(root,ossec,0640) /var/ossec/etc/client.keys |
38 |
@info(root,ossec,0640) /var/ossec/etc/internal_options.conf |
22 |
@info(root,ossec,0640) /var/ossec/etc/internal_options.conf |
39 |
@info(root,ossec,0640) /var/ossec/etc/local_internal_options.conf |
23 |
@info(root,ossec,0640) /var/ossec/etc/local_internal_options.conf |
40 |
@info(root,ossec,0640) /var/ossec/etc/ossec.conf.sample |
24 |
@info(root,ossec,0640) /var/ossec/etc/ossec.conf.sample |
41 |
@info(root,ossec,0640) /var/ossec/etc/ossec.conf |
25 |
@info(root,ossec,0640) /var/ossec/etc/ossec.conf |
42 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_apache2224_rcl.txt |
|
|
43 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_debian_linux_rcl.txt |
44 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt |
45 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt |
46 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel5_linux_rcl.txt |
47 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel6_linux_rcl.txt |
48 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel7_linux_rcl.txt |
49 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel_linux_rcl.txt |
50 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles11_linux_rcl.txt |
51 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles12_linux_rcl.txt |
52 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt |
53 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt |
54 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt |
55 |
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt |
56 |
@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_files.txt |
57 |
@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_trojans.txt |
58 |
@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_rcl.txt |
59 |
@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_ssh.txt |
60 |
@info(root,ossec,0660) /var/ossec/etc/shared/win_applications_rcl.txt |
61 |
@info(root,ossec,0660) /var/ossec/etc/shared/win_audit_rcl.txt |
62 |
@info(root,ossec,0660) /var/ossec/etc/shared/win_malware_rcl.txt |
63 |
@info(root,ossec,0640) /var/ossec/etc/wpk_root.pem |
26 |
@info(root,ossec,0640) /var/ossec/etc/wpk_root.pem |
64 |
@info(root,ossec,0750) /var/ossec/lib/libwazuhext.so |
27 |
@info(root,ossec,0750) /var/ossec/lib/libwazuhext.so |
65 |
@info(ossec,ossec,0666) /var/ossec/logs/active-responses.log |
28 |
@info(ossec,ossec,0666) /var/ossec/logs/active-responses.log |
Lines 78-92
Link Here
|
78 |
@dir(ossec,ossec,0770) /var/ossec/etc |
41 |
@dir(ossec,ossec,0770) /var/ossec/etc |
79 |
@dir(root,ossec,0750) /var/ossec/lib |
42 |
@dir(root,ossec,0750) /var/ossec/lib |
80 |
@dir(ossec,ossec,0750) /var/ossec/logs/ossec |
43 |
@dir(ossec,ossec,0750) /var/ossec/logs/ossec |
|
|
44 |
@dir(ossec,ossec,0750) /var/ossec/logs/wazuh |
81 |
@dir(ossec,ossec,0770) /var/ossec/logs |
45 |
@dir(ossec,ossec,0770) /var/ossec/logs |
82 |
@dir(ossec,ossec,0770) /var/ossec/queue/alerts |
46 |
@dir(ossec,ossec,0770) /var/ossec/queue/alerts |
83 |
@dir(ossec,ossec,0750) /var/ossec/queue/diff |
47 |
@dir(ossec,ossec,0750) /var/ossec/queue/diff |
84 |
@dir(ossec,ossec,0770) /var/ossec/queue/fim/db |
48 |
@dir(ossec,ossec,0770) /var/ossec/queue/fim/db |
85 |
@dir(ossec,ossec,0770) /var/ossec/queue/fim |
49 |
@dir(ossec,ossec,0770) /var/ossec/queue/fim |
|
|
50 |
@dir(ossec,ossec,0750) /var/ossec/queue/logcollector |
86 |
@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim/db |
51 |
@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim/db |
87 |
@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim |
52 |
@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim |
88 |
@dir(ossec,ossec,0770) /var/ossec/queue/ossec |
53 |
@dir(ossec,ossec,0770) /var/ossec/queue/ossec |
89 |
@dir(ossec,ossec,0750) /var/ossec/queue/rids |
54 |
@dir(ossec,ossec,0750) /var/ossec/queue/rids |
|
|
55 |
@dir(ossec,ossec,0770) /var/ossec/queue/sockets |
56 |
@dir(ossec,ossec,0770) /var/ossec/queue/syscollector/db |
57 |
@dir(ossec,ossec,0770) /var/ossec/queue/syscollector |
90 |
@dir(root,ossec,0750) /var/ossec/queue |
58 |
@dir(root,ossec,0750) /var/ossec/queue |
91 |
@dir(root,ossec,0750) /var/ossec/ruleset/sca |
59 |
@dir(root,ossec,0750) /var/ossec/ruleset/sca |
92 |
@dir(root,ossec,0750) /var/ossec/ruleset |
60 |
@dir(root,ossec,0750) /var/ossec/ruleset |