I am using 30000-60000 (source ports) on my servers, how can I change the source port that the agent is using ?
On Wed, Jan 14, 2015 at 4:53 PM, dan (ddp) <[email protected]> wrote: > On Wed, Jan 14, 2015 at 3:32 AM, Yaniv Ron <[email protected]> wrote: > > Hi, > > I found that one of the agents was using a very strange UDP port : > > > > ossec-age 7055 ossec 7u IPv4 437537314 0t0 > > UDP 10.10.10.10:56594->ossec1 > > > > 10.10.10.10 is the agent and ossec1 is the manager? If so, then 56594 > is the source port chosen at random. > > > This server (as well as the rest of my agents) is behind a NAT. > > I tried to find information about ALL the ports that OSSEC agents use > and I > > didn't found any reasonable information for that. > > > > I would like to disable my ossec-agents to use these unkown ports - can > you > > please advise about the following : > > > > 1) why was this port was in use ? what is it ? > > 2) how can I disable it > > > > Thanks, > > -- > > Yaniv Ron > > +972-3-7298582 > > Security Department | Viber S.a.r.l | www.viber.com | [email protected] > > > > -- > > > > --- > > You received this message because you are subscribed to the Google Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- *Yaniv Ron* +972-3-7298582 *Security Department | Viber S.a.r.l *| www.viber.com | yron@viber <http://twitter.com/viber>.com -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
