On Tue, Sep 23, 2014 at 2:51 AM, List Monkey <[email protected]> wrote: > The ossec-rootcheck is not present on my install (has it been deprecated?) > I am able to use the agent-control to force a complete run. It runs > without error.
Without more information, I would have to say it is likely a false positive. A binary is probably not returning the value OSSEC is expecting in regards to the system calls getsid() and kill() and the output of ps. This is common with less popular operating systems since the majority of individuals who use OSSEC run it on GNU/Linux. I know this has happened with OSSEC + IBM AIX on occasion. Brandon Vincent _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
