Common directories to scan

Carlos Islas

Mar 2, 2018, 2:01:11 PM
to ossec-list
Hello,

Firstly, I'm sorry for my bad English. I want to know, based on your experience, which directories are the most common to realize a syscheck on Windows or Linux devices?

Thank you to all of you for your attention.

Regards!

Carlos Islas

Mar 12, 2018, 3:09:40 PM
to ossec-list
Does anyone have any recommendations?


=(

Regards...

dan (ddp)

Mar 14, 2018, 5:23:32 PM
to ossec...@googlegroups.com
On Fri, Mar 2, 2018 at 2:01 PM, Carlos Islas <sparks....@gmail.com> wrote:
> Hello,
>
> Firstly, I'm sorry for my bad English. I want to know, based on your
> experience, which directories are the most common to realize a syscheck on
> Windows or Linux devices?
>

/etc, /bin, /sbin, /usr/sbin, /usr/bin
Directories with static data. bin directories for web applications

I like to monitor /var/ossec/bin and /var/ossec/etc

> Thank you to all of you for your attention.
>
> Regards!
>
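A syscheck block for `ossec.conf` covering the directories suggested in the reply above, as an added example that is not part of the original thread. The scan frequency, the ignore entries, the use of `realtime` and `report_changes`, and the web application path are assumptions to adapt.

```xml
<!-- Added example, not from the thread: syscheck section of ossec.conf -->
<syscheck>
  <!-- Assumption: full scan every 6 hours (value is in seconds) -->
  <frequency>21600</frequency>

  <!-- System binaries: contents should only change during patching -->
  <directories check_all="yes">/bin,/sbin,/usr/bin,/usr/sbin</directories>

  <!-- /etc is mostly text, so report_changes records what changed in a file -->
  <directories check_all="yes" report_changes="yes">/etc</directories>

  <!-- OSSEC's own binaries and configuration, watched in real time -->
  <directories check_all="yes" realtime="yes">/var/ossec/bin,/var/ossec/etc</directories>

  <!-- Placeholder path: replace with the bin directory of your web application -->
  <directories check_all="yes">/var/www/example-app/bin</directories>

  <!-- Assumption: files under /etc that change during normal operation -->
  <ignore>/etc/mtab</ignore>
  <ignore>/etc/adjtime</ignore>
</syscheck>
```

Restart OSSEC after editing so syscheck picks up the change; the first scan only builds the baseline that later scans are compared against.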

Carlos Islas

Mar 14, 2018, 5:25:23 PM
to ossec-list
Hi dan

Thank you for your suggestion. And what do you think for Windows paths?

Regards

dan (ddp)

Mar 14, 2018, 6:21:38 PM
to ossec...@googlegroups.com
On Wed, Mar 14, 2018 at 5:25 PM, Carlos Islas <sparks....@gmail.com> wrote:
> Hi dan
>
> Thank you for your suggestion. And what do you think for Windows paths?
>

Sorry, I don't do much with Windows. I'd assume it's the same type of
thing though. Binary paths, and static data.

Carlos Islas

Apr 11, 2018, 4:43:49 PM
to ossec-list
Thanks dan

I could configure it.

Regards