So I install a new piece of security software I've been hearing about, the OSSEC HIDS, on my server, and once I get the thing started up the first thing it tells me is:

2008 Jul 13 02:45:08 Rule Id: 1002 level: 2
Location: dev->/var/log/syslog
Unknown problem somewhere in the system.
Jul 12 22:45:07 dev kernel: audit(1215917107.286:40025): avc: denied { getattr } for pid=3203 comm="ossec-syscheckd" path="/sbin/setfiles" dev=md0 ino=227587 scontext=user_u:system_r:pam_console_t:s0 tcontext=system_u:object_r:setfiles_exec_t:s0 tclass=file

and as the log/screen is filling up with these I start laughing, because

that's another security software package (SELinux) complaining that something it doesn't know about is reading all of the log files!

*chortle* Oh, right, i did tell it it could send me mail. Hehehehehe....

Tags: !security
Current Location: NOC
Current Mood: amused
Current Music: Poe - Beautiful Girl | Scrobbled by Last.fm