Geek humour with HIDS?
So I install a new piece of security software I've been hearing about, the OSSEC HIDS, on my server, and once I get the thing started up the first thing it tells me is:
2008 Jul 13 02:45:08 Rule Id: 1002 level: 2
Location: dev->/var/log/syslog
Unknown problem somewhere in the system.
Jul 12 22:45:07 dev kernel: audit(1215917107.286:40025): avc: denied { getattr } for pid=3203 comm="ossec-syscheckd" path="/sbin/setfiles" dev=md0 ino=227587 scontext=user_u:system_r:pam_console_t:s0 tcontext=system_u:object_r:setfiles_exec_t:s0 tclass=file
and as the log/screen is filling up with these I start laughing, because
that's another security software package (SELinux) complaining that something it doesn't know about is reading all of the log files!
*chortle* Oh, right, I did tell it it could send me mail. Hehehehehe....
no subject
Hey, I wrote some Uplift Fanfic!