On May 26, 2014 6:14 PM, "PAL 18" wrote:
>
> No, everything configuration wise is still vanilla (aside from what the
installer asked me). How would i do that?
>
Add a localfile entry in the system's ossec.conf to monitor the logfile the
iptables logs are saved to.
Use ossec-logtest to write a de
No, everything configuration wise is still vanilla (aside from what the
installer asked me). How would i do that?
On Monday, May 26, 2014 4:49:27 PM UTC-4, dan (ddpbsd) wrote:
>
>
> On May 26, 2014 3:25 PM, "PAL 18" >
> wrote:
> >
> > Port scan blocking doesn't appear to be working. I scanned
On May 26, 2014 3:25 PM, "PAL 18" wrote:
>
> Port scan blocking doesn't appear to be working. I scanned with nmap (on
a different computer) and with a web based tool and OSSec didn't send me
any email alerts about the scans (i get alerts for other things).
>
> All active response rules are set to
Oh. thank for help. Dan :)
Vào 00:05:42 UTC+7 Thứ ba, ngày 27 tháng năm năm 2014, dan (ddpbsd) đã viết:
>
>
> On May 26, 2014 1:02 PM, "Nguyễn Văn Hớn" >
> wrote:
> >
> >
> > For example. when server have detect rootkit or modified from agent , we
> have alert. but it only server have alert. i w
Port scan blocking doesn't appear to be working. I scanned with nmap (on a
different computer) and with a web based tool and OSSec didn't send me any
email alerts about the scans (i get alerts for other things).
All active response rules are set to defaults.
I thought maybe it was because bloc
On May 26, 2014 1:02 PM, "Nguyễn Văn Hớn" wrote:
>
>
> For example. when server have detect rootkit or modified from agent , we
have alert. but it only server have alert. i want to agent know that. and
agent have autonomous attack that. we have use syslog to send alert from
server to agetn. config
For example. when server have detect rootkit or modified from agent , we
have alert. but it only server have alert. i want to agent know that. and
agent have autonomous attack that. we have use syslog to send alert from
server to agetn. config from ossec.conf (server)
Vào 23:51:44 UTC+7 Th
On May 26, 2014 12:49 PM, "Nguyễn Văn Hớn" wrote:
>
> Oh thank Dan... the question 1. because when the server dectect attack
from agent the only server know that. i think agent need know that. Can you
help me more details. ( sorry my english is bad :(
Typically you want a person to know. You cou
Oh thank Dan... the question 1. because when the server dectect attack
from agent the only server know that. i think agent need know that. Can you
help me more details. ( sorry my english is bad :(
2. i have turn on option yes but have error
Vào 23:43:15 UTC+7 Thứ hai, ngày 26 tháng năm năm 20
On May 26, 2014 12:07 PM, "Lyes AIT CHEIKH" wrote:
>
> hello everyone
>
> i am still new to Ossec and wanted to know if there is a way to send
Ossec alert with snmp and not just emailing, I did some research but did
not find anything in the official documentation
>
There is no built in functiona
On May 26, 2014 12:39 PM, "Nguyễn Văn Hớn" wrote:
>
> hi everybody. i have question :
> How to send alert from server to agent when agent have attacked. And log
from agent send to server. Where is it stored?
>
You can't really send the alerts to the agents. You can send some alerts to
a centraliz
hi everybody. i have question :
How to send alert from server to agent when agent have attacked. And log
from agent send to server. Where is it stored?
thank for help
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this
hello everyone
i am still new to Ossec and wanted to know if there is a way to send Ossec
alert with snmp and not just emailing, I did some research but did not find
anything in the official documentation
and if it doesn't do it natively is there any way to implement it (call a
function o
13 matches
Mail list logo