Yes, I think. The list of Azure Public IP ranges is easy to download and is XML
formatted:
If I correctly understand documentation regarding CDB list, I must transform
the XML file to something like this:
useast_13.68.128.0_17:13.68.128.0/17
useast_13.72.64.0_18:13.72.64
OSSEC 3.0 will be formally released at the OSSEC Conference near
Washington, DC on April 5, 2018. The conference will be an opportunity to
review the 3.0 update, for users to share some case study lessons learned,
go deep in a few areas and generally to gather the OSSEC community
together. Ther
On Jan 15, 2018 11:47 AM, "Sylvain Crouet"
wrote:
Hello,
I need to massively white-list several IP ranges, which furthermore change
regularly. How can I manage this without updating a local rule manually?
Can you programatically update a cdb list?
Cordialement / Kind regards
*Sylvain
Hello,
I need to massively white-list several IP ranges, which furthermore change
regularly. How can I manage this without updating a local rule manually?
Cordialement / Kind regards
Sylvain Crouet
Security Officer - Security is everybody's responsibility
CISSP
ISO 27005 Risk Manager
ISO 27001
On Mon, Jan 15, 2018 at 10:05 AM, Anoop Perayil wrote:
> came across this -
> http://www.ossec.net/files/ossec-hids-2.7-release-note.txt
>
> === Rootcheck
> == support rootcheck fine-grain configuration control -- yes/no of
> individual checks
>- etc/ossec.conf
>
>
came across this -
http://www.ossec.net/files/ossec-hids-2.7-release-note.txt
=== Rootcheck
== support rootcheck fine-grain configuration control -- yes/no of
individual checks
- etc/ossec.conf
yes
yes
yes
On Mon, Jan 15, 2018 at 9:04 AM, Anoop Perayil wrote:
> Hello All,
>
> Do we have an option to disable the netstat checks via ossec.conf on v2.9.2?
>
Not that I can remember off hand. This seems to be popular enough, if
someone wants to submit a pull request with the feature.
> Thanks,
> Anoop
>
Hello All,
Do we have an option to disable the netstat checks via ossec.conf on
v2.9.2?
Thanks,
Anoop
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to oss
Hello All,
Do we have an option to disable the netstat checks via ossec.conf on
v2.9.2?
Thanks,
Anoop
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to oss
Do we have this feature to disable netstat on v2.9.2?
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more optio
Do we have this feature to disable netstat on v2.9.2?
On Thursday, 22 March 2012 10:26:35 UTC+5:30, quanta wrote:
>
> Which block do I must add these config. to: ,
> or anything else?
>
> Starting OSSEC: 2012/03/22 11:49:29 ossec-config(1230): ERROR: Invalid
> element in the configuration: 'rootk
On Mon, Jan 8, 2018 at 8:35 AM, wrote:
> Thank you...
>
> Can you please provide a snippet of what the agent.conf should look like for
> this type of configuration.
>
> I have looked and I can not seem to find any sample agent.conf files that
> has this type of config.
>
All agent.conf files beh
On Wed, Jan 10, 2018 at 6:15 AM, HairLoss2018 wrote:
> OK, I have resolved this issue by re-installing OSSEC and setting
> active-response to live during setup.
>
> I notice that values entered during setup are added to ossec.mc and not
> ossec.conf and in ossec.conf it says
>
> Do I need to echo
13 matches
Mail list logo