MOD Sec

Posted: Fri May 30, 2008 7:27 am
by Slider
I am a happy ASL / RHEL5 user.

Can anyone explain to me the following things and why I need them?

MODSEC_00_WHITELIST
MODSEC_00_RBL
MODSEC_05_SCANNER
MODSEC_10_ANTIMALWARE
MODSEC_10_RULES
MODSEC_20_USERAGENTS
MODSEC_30_ANTISPAM
MODSEC_40_APACHE
MODSEC_50_ROOTKITS
MODSEC_60_RECONS
MODSEC_99_JITP

Lastly, what is OSSEC?

And how do I disable these checks: Integrity checksum changed for: '/etc/sysconfig/rkhunter'

Posted: Fri May 30, 2008 8:56 am
by scott
whitelist - for disabling mod_security by IP
rbl - real-time blacklists, just like RBLs in SMTP
scanner - implements clamav scanning on uploads over http
antimalware - blacklist of known malware sites hosting remote include malware
rules - generic attack ruleset
useragents - known malware/worm/malicious useragents
antispam - comment spam rules
apache - general apache ruleset
rootkits - rootkit ruleset
recons - recon ruleset
jitp - just-in-time-patches or virtual patches. rules for known exploits in web apps.

OSSEC is the host based intrusion detection system, log analysis, and active-response engine.

Last but not least, I wouldn't recommend disabling the integrity checks. Those are what it uses to detect rootkits and other malicious activity on the file system.
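To make the first two items in the list concrete, here is an added example of what an IP whitelist and an RBL check look like in ModSecurity 2.x rule syntax. This is illustration only, not the contents of ASL's own MODSEC_00_WHITELIST or MODSEC_00_RBL files; the file placement, the trusted address 192.0.2.10, the rule ids and the RBL zone are all assumptions.

```apache
# Added example, not ASL's rule files. The IP address, rule ids and RBL zone
# are placeholders; substitute your own before use.
#
# The 00 prefix in ASL's file names suggests these rules load before the
# other sets, which matters: a whitelist must fire before any rule that could
# block the request.

# Whitelist by IP: for a request from the trusted address, switch the rule
# engine off for the current transaction only. Every other client is still
# inspected by the rule sets loaded afterwards. A plain regex on REMOTE_ADDR
# is used so the rule works on older 2.x releases as well.
SecRule REMOTE_ADDR "^192\.0\.2\.10$" \
    "phase:1,nolog,allow,ctl:ruleEngine=Off,id:900001"

# Real-time blacklist: ask a DNS blacklist whether the client address is
# listed, the same lookup an SMTP server does for mail senders. @rbl queries
# <reversed-ip>.<zone>; any answer means listed, and the request is refused.
SecRule REMOTE_ADDR "@rbl zen.spamhaus.org" \
    "phase:1,deny,status:403,log,msg:'Client address listed in RBL',id:900002"
```

Two things to check before copying this pattern. First, REMOTE_ADDR is the address Apache actually sees: behind a reverse proxy, load balancer or CDN it is the proxy's address, so a whitelist entry for it would turn the engine off for every request that passes through the proxy. Second, @rbl does a DNS query on each matching request, so it adds latency and depends on the list operator's usage policy; keep it in phase 1 so a listed client is refused before the body is read.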

Posted: Fri May 30, 2008 9:56 am
by Slider
I see the following thing: ASL
An update is available

1. Does it download the updates/rules by itself, or must I do it?
2. If I use the top command and press 1 to see CPU1+2, it doesn't work. Now I see CPU(s). o.O

Posted: Fri May 30, 2008 11:05 am
by scott
You can force an update with:

asl -u

and

yum update