Difference between revisions of "HIDS 61129"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "'''Rule ID''' 61129 '''Status''' Active rule currently published. '''Description''' ''Grsecurity has detected a time change on the system.'' This rule detects when th...")
 

Latest revision as of 15:46, 23 March 2014

Rule ID

61129

Status

Active rule currently published.

Description

Grsecurity has detected a time change on the system.

This rule detects when the time on the system has been changed. ASL does not cause this event, and this rule does not shun or block any activity. It exists to detect potentially suspicious changes to the system. Attackers sometimes change the systems time to corrupt the logs on the system, or to hide activity.

False Positives

None.

Tuning Recommendations

None.

Similar Rules

None.

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=HIDS_61129&oldid=4594"
Personal tools