From 875caaf64ee14dcb7a6df3795a3e5c92f26b8c31 Mon Sep 17 00:00:00 2001 From: Thomas Stromberg Date: Thu, 10 Nov 2022 12:14:18 -0500 Subject: [PATCH] Add redhat-lsb back --- detection/evasion/unexpected-etc-executables.sql | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/detection/evasion/unexpected-etc-executables.sql b/detection/evasion/unexpected-etc-executables.sql index 6d2f67f..c961580 100644 --- a/detection/evasion/unexpected-etc-executables.sql +++ b/detection/evasion/unexpected-etc-executables.sql @@ -31,13 +31,10 @@ WHERE '/etc/acpi', '/etc/alternatives', '/etc/apcupsd', - '/etc/kde/shutdown', '/etc/apm/resume.d', '/etc/apm/scripts.d', - '/etc/nix/result', '/etc/apm/suspend.d', '/etc/avahi', - '/etc/nix/result/sw/bin', '/etc/bash_completion.d', '/etc/brltty/Contraction', '/etc/chromium/native-messaging-hosts', @@ -69,6 +66,7 @@ WHERE '/etc/ifplugd', '/etc/ifplugd/action.d', '/etc/init.d', + '/etc/kde/shutdown', '/etc/kernel/header_postinst.d', '/etc/kernel/install.d', '/etc/kernel/postinst.d', @@ -83,6 +81,8 @@ WHERE '/etc/network/if-pre-up.d', '/etc/network/if-up.d', '/etc/NetworkManager/dispatcher.d', + '/etc/nix/result', + '/etc/nix/result/sw/bin', '/etc/openvpn', '/etc/periodic/daily', '/etc/periodic/monthly', @@ -112,6 +112,7 @@ WHERE '/etc/rc.d/rc6.d', '/etc/rcS.d', '/etc/rdnssd', + '/etc/redhat-lsb', '/etc/security', '/etc/skel', '/etc/ssl/certs',