tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added Wazuh agent as a rootkit scanner 

Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent rootkits. Therefore, it seems feasible to add wazuh-agent to the accepted rootkit detection products.

https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
This commit is contained in:
Zafer Balkan 2022-07-20 21:50:26 +03:00 committed by GitHub
parent e4cd5eaede
commit 32a39eaaf8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/tests_malware
View File

@ -43,6 +43,7 @@
SYMANTEC_SCANNER_RUNNING=0 SYMANTEC_SCANNER_RUNNING=0
SYNOLOGY_DAEMON_RUNNING=0 SYNOLOGY_DAEMON_RUNNING=0
TRENDMICRO_DSA_DAEMON_RUNNING=0 TRENDMICRO_DSA_DAEMON_RUNNING=0
WAZUH_DAEMON_RUNNING=0
# #
################################################################################# #################################################################################
# #
@ -314,8 +315,10 @@
if IsVerbose; then Display --indent 2 --text "- ${GEN_CHECKING} Wazuh agent" --result "${STATUS_FOUND}" --color GREEN; fi if IsVerbose; then Display --indent 2 --text "- ${GEN_CHECKING} Wazuh agent" --result "${STATUS_FOUND}" --color GREEN; fi
LogText "Result: found Wazuh component" LogText "Result: found Wazuh component"
FOUND=1 FOUND=1
WAZUH_DAEMON_RUNNING=1
MALWARE_DAEMON_RUNNING=1 MALWARE_DAEMON_RUNNING=1
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
ROOTKIT_SCANNER_FOUND=1
Report "malware_scanner[]=wazuh" Report "malware_scanner[]=wazuh"
fi fi