how to keep up to date with rootkit_files and trojans .txt

Chris Young

Jun 22, 2016, 8:34:21 AM
to ossec-list
Hi,

We are just considering implementing OSSEC, and one of the requirements is for up-to-date rootkit checking.

I can't seem to work out where to get the latest (if they are maintained) files from, i.e. rootkit_files.txt and rootkit_trojans.txt.

One of the starting points to look at OSSEC was to have a centralised version of rkhunter, which every time it runs looks for updates.

Any guidance please?

Many thanks, Chris

dan (ddp)

Jun 22, 2016, 8:36:57 AM
to ossec...@googlegroups.com
If someone updates the files and submits their changes, you can find
them in the github repository: https://github.com/ossec/ossec-hids

Chris Young

Jun 22, 2016, 11:20:49 AM
to ossec-list
OK, thanks. Do you happen to have an idea as to how often this happens?

dan (ddp)

Jun 22, 2016, 11:38:28 AM
to ossec...@googlegroups.com
On Wed, Jun 22, 2016 at 11:20 AM, Chris Young <chris.y...@gmail.com> wrote:
> ok thanks, do you happen to have an idea as to how often this happens?
>

Not often.
https://github.com/ossec/ossec-hids/commits/master/src/rootcheck/db/rootkit_files.txt
https://github.com/ossec/ossec-hids/commits/master/src/rootcheck/db/rootkit_trojans.txt

Chris Young

Jun 22, 2016, 11:46:41 AM
to ossec...@googlegroups.com
Thanks for taking the time to point out how I can help myself going forwards and the answer.

Regards, Chris
