Do you run OSSEC on 9.0?
Ross
basarevych at gmail.com
Thu Nov 24 07:32:42 UTC 2011
I am getting emails about hidden files in /dev. Before that (on 8.2)
everything was OK. What should I do?
OSSEC HIDS Notification.
2011 Nov 24 08:17:25
Received From: coffin->rootcheck
Rule: 510 fired (level 7) -> "Host-based anomaly detection event (rootcheck)."
Portion of the log(s):
Files hidden inside directory '/dev'. Link count does not match number
of files (9,27).
--END OF NOTIFICATION
More information about the freebsd-questions
mailing list