On Aug 18, 2017 8:35 AM, "Gabriele Lagana"
wrote:
Hello,
I'm trying to understand if the keys stored in the client.keys file are
encrypted or not, and if they are encrypted which is the encryption
algorithm used.
I hope someone here can help me.
I don't think they are. It's a text file, you c
Hello,
I'm trying to understand if the keys stored in the client.keys file are
encrypted or not, and if yes, which is the encryption algorithm used?
I hope someone here can help me to understand this.
Best regards,
Gabriele
--
---
You received this message because you are subscribed to the
Hello,
I'm trying to understand if the keys stored in the client.keys file are
encrypted or not, and if they are encrypted which is the encryption
algorithm used.
I hope someone here can help me.
Best regards,
Gabriele
--
---
You received this message because you are subscribed to the Goog
Hi Chris,
I know i am late to the party, but i was wondering if you still had the
excel batch file you used to parse the client.keys file?
Thank you
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop
Koby,
If you can contact me directly I will send you what I used.
On Tuesday, October 15, 2013 4:25:48 AM UTC-5, koby yakov wrote:
>
> Hi Chris,
>
> i'm facing with the same issue that you were having here,
>
> my current status is:
>
> i'm abling to install the agents on the windows machin
Hi Chris,
i'm facing with the same issue that you were having here,
my current status is:
i'm abling to install the agents on the windows machine, copy the conf file
and create the agents on the server side.
i need your assistence with extracting the keys from the server side and
insert e
gt;
> --
>
> James Pulver
>
> CLASSE Computer Group
>
> Cornell University
>
>
>
> *From:* ossec...@googlegroups.com [mailto:
> ossec...@googlegroups.com ] *On Behalf Of *Chris Lauritzen
> *Sent:* Friday, September 27, 2013 2:26 PM
> *To:* ossec...
, September 27, 2013 2:26 PM
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Client.keys
As a follow up: Only to find out there is a 1500 record limit in each instance
OSSEC.
On Friday, September 27, 2013 10:11:33 AM UTC-5, Chris Lauritzen wrote:
In a nut shell:
Auto populate the keys on
As a follow up: Only to find out there is a 1500 record limit in each
instance OSSEC.
On Friday, September 27, 2013 10:11:33 AM UTC-5, Chris Lauritzen wrote:
>
> In a nut shell:
>
> Auto populate the keys on the server. Copy the key files to a windows Pc
> and using a excel batch file it extract
In a nut shell:
Auto populate the keys on the server. Copy the key files to a windows Pc
and using a excel batch file it extracted each key to a txt file name with
the PC name. I then used a batch to copy the file from the share based on
the the computer name and and then renamed the file to cl
On 26.09.2013 16:40, Chris Lauritzen wrote:
Thank you everyone for your help. I have resolved my issue and have
pushed out the agent to 3500 PC's today in just over an hour.
Inquiring minds want to know! :)
--
---
You received this message because you are subscribed to the Google Groups "oss
Thank you everyone for your help. I have resolved my issue and have pushed
out the agent to 3500 PC's today in just over an hour.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from
Sorry to say it is still not working. I have checked the file name and
there are no double extensions
On Tuesday, September 24, 2013 11:03:57 AM UTC-5, Jared wrote:
>
> You are correct Mike, that is ill advised as a permanent config, bout
> would rule out perms and complete the proper closing of
s.com [mailto:ossec-list@googlegroups.com] On
Behalf Of Michael Starks
Sent: Tuesday, September 24, 2013 11:48 AM
To: ossec-list@googlegroups.com
Subject: RE: [ossec-list] Client.keys
On 24.09.2013 09:54, James M. Pulver wrote:
> The problem is there is (as far as I can tell in 2.7.1 install) no
On 24.09.2013 09:29, Chris Lauritzen wrote:
Now here is the new issue, when the client installs it should read in
the client.keys file when the service starts. If you read my orginal
question you can see that is was working except I was trying to embed
all the keys in a single file. The file that
You are correct Mike, that is ill advised as a permanent config, bout would
rule out perms and complete the proper closing of the file for debugging.
On Tuesday, September 24, 2013 11:43:18 AM UTC-4, Michael Starks wrote:
>
> On 24.09.2013 10:08, Jared wrote:
> > I believe that this is what you
On 24.09.2013 09:54, James M. Pulver wrote:
The problem is there is (as far as I can tell in 2.7.1 install) no
agent-auth.exe ... so how do we test it?
The current status is that OpenSSL was compiled (see
http://www.michaelboman.org/how-to/building-openssl-on-windows for a
how-to), but it has
On 24.09.2013 10:08, Jared wrote:
I believe that this is what you need in your batch file after you
echo
into the file:
cacls "C:Program Files (x86)ossec-agentclient.keys" /T /E /G
everyone:F
I wouldn't recommend this. This grants everyone full access. That means
an attacker can read/delete
Pulver
> CLASSE Computer Group
> Cornell University
>
>
> -Original Message-
> From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] On
> Behalf Of dan (ddp)
> Sent: Tuesday, September 24, 2013 10:58 AM
> To: ossec-list@googlegroups.com
> Subject:
Jared,
Thanks again... this didn't work. I am not injecting the key into the file
during the batch process. The key is extracted from the server via an Excel
Macro. It is a standard TXT file.
On Tuesday, September 24, 2013 10:08:12 AM UTC-5, Jared wrote:
>
> I believe that this is what you nee
10:58 AM
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Client.keys
On Tue, Sep 24, 2013 at 10:54 AM, James M. Pulver wrote:
> The problem is there is (as far as I can tell in 2.7.1 install) no
> agent-auth.exe ... so how do we test it?
>
Build it.
> --
> James
I have checked and the user has full access.
On Tuesday, September 24, 2013 9:47:36 AM UTC-5, dan (ddpbsd) wrote:
>
> On Tue, Sep 24, 2013 at 10:29 AM, Chris Lauritzen
> >
> wrote:
> >
> > First off thanks to everyone that has helped here. I have a new twist to
> my
> > problem. I have creat
I believe that this is what you need in your batch file after you echo into
the file:
cacls "C:\Program Files (x86)\ossec-agent\client.keys" /T /E /G everyone:F
Alternately, the file may still be open/locked, but you should still be able to
read it. Error handling should let you know if you are
nal Message-
> From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] On
> Behalf Of dan (ddp)
> Sent: Tuesday, September 24, 2013 10:47 AM
> To: ossec-list@googlegroups.com
> Subject: Re: [ossec-list] Client.keys
>
> On Tue, Sep 24, 2013 at 7:57 AM, wrote:
: Tuesday, September 24, 2013 10:47 AM
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Client.keys
On Tue, Sep 24, 2013 at 7:57 AM, wrote:
> Hello,
>
>
>
> sorry, when I disturbing the discussion. We have the same problem with
> windows agents.
>
> Under *NIX os we
On Tue, Sep 24, 2013 at 10:29 AM, Chris Lauritzen wrote:
>
> First off thanks to everyone that has helped here. I have a new twist to my
> problem. I have created a macro that pulls the correct key from the server
> and writes it to a file named with the computer id. I have a batch script
> that c
for the howto, it’s should be better as our situation under
> windows now J
>
>
>
> Mit freundlichen Grüßen / Best regards
> Björn
>
>
>
> Von: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] Im
> Auftrag von Jared
> Gesendet: Montag, 23. Sept
First off thanks to everyone that has helped here. I have a new twist to my
problem. I have created a macro that pulls the correct key from the server
and writes it to a file named with the computer id. I have a batch script
that copies the file from the server share to the client workstation b
ontag, 23. September 2013 21:42
An: ossec-list@googlegroups.com
Betreff: Re: [ossec-list] Client.keys
Okay, off line then via email.
Jared
On Friday, September 20, 2013 9:48:10 AM UTC-4, Chris Lauritzen wrote:
Jared,
What I am trying to do it automate the install. We use LANDesk to push out app
ver to every
>>>> agent, it will not work (only reads the first line).
>>>>
>>>> If you need some scripting automation for installing/configuring OSSEC
>>>> on Windows and Linux, and can run powershell from your Windows Landesk
>>>> instance, I can he
Michael,
That sounds like an option. I'm looking at it now.
On Friday, September 20, 2013 9:55:19 AM UTC-5, Michael Starks wrote:
>
> On 09/20/2013 08:48 AM, Chris Lauritzen wrote:
> > So what I am looking to do is to find a way
> > to not create 3500 Client.keys files.
>
> You could create a
On 09/20/2013 08:48 AM, Chris Lauritzen wrote:
So what I am looking to do is to find a way
to not create 3500 Client.keys files.
You could create a file on a share with all of the keys and have a
post-install script that finds the right key and puts it in the keys
file on the agent. Something
hell from your Windows Landesk
>>> instance, I can help. Just need to come up with what "success" would look
>>> like from requirements perspective and the scripting part is easy.
>>>
>>> Jared
>>>
>>>
>>>
>>> On Thu, Sep 19, 2013 at 10:19
gt;
>>
>> On Thu, Sep 19, 2013 at 10:19 AM, James M. Pulver wrote:
>>
>>> Yes, each client has a unique client.keys.
>>>
>>> ** **
>>>
>>> --
>>>
>>> James Pulver
>>>
>>> CLASSE Comput
Mike I agree that have the Key file on the PC with all the keys is not a
good idea. I will look into OpenSSL.
On Thursday, September 19, 2013 9:55:32 AM UTC-5, Michael Starks wrote:
>
> On 19.09.2013 08:46, Chris Lauritzen wrote:
> > James let get this straight, if I have 3500 pc's to push thi
Computer Group
>>
>> Cornell University
>>
>> ** **
>>
>> *From:* ossec...@googlegroups.com [mailto:
>> ossec...@googlegroups.com ] *On Behalf Of *Chris Lauritzen
>> *Sent:* Thursday, September 19, 2013 9:46 AM
>>
>> *To:* osse
On 19.09.2013 08:46, Chris Lauritzen wrote:
James let get this straight, if I have 3500 pc's to push this out to
I
need 3500 client.keys files?
Just to jump in here, let's consider for a moment that the compromise
of one machine would mean the compromise of all keys in your
infrastructure if
University
>
> ** **
>
> *From:* ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] *On
> Behalf Of *Chris Lauritzen
> *Sent:* Thursday, September 19, 2013 9:46 AM
>
> *To:* ossec-list@googlegroups.com
> *Subject:* Re: [ossec-list] Client.keys
>
-list] Client.keys
James let get this straight, if I have 3500 pc's to push this out to I need
3500 client.keys files?
On Wednesday, September 18, 2013 5:13:28 PM UTC-5, Michael Starks wrote:
On 09/18/2013 04:08 PM, Chris Lauritzen wrote:
> Yes the Key have been made. There is a new twist
James let get this straight, if I have 3500 pc's to push this out to I need
3500 client.keys files?
On Wednesday, September 18, 2013 5:13:28 PM UTC-5, Michael Starks wrote:
>
> On 09/18/2013 04:08 PM, Chris Lauritzen wrote:
> > Yes the Key have been made. There is a new twist to this now. The
>
ps.com ] *On Behalf Of *Chris Lauritzen
> *Sent:* Wednesday, September 18, 2013 5:08 PM
> *To:* ossec...@googlegroups.com
> *Subject:* Re: [ossec-list] Client.keys
>
>
>
> Yes the Key have been made. There is a new twist to this now. The install
> is reading the client.
m] On
Behalf Of Chris Lauritzen
Sent: Wednesday, September 18, 2013 5:08 PM
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Client.keys
Yes the Key have been made. There is a new twist to this now. The install is
reading the client.keys but is only reading in the first key listed. Every
insta
On 09/18/2013 04:08 PM, Chris Lauritzen wrote:
Yes the Key have been made. There is a new twist to this now. The
install is reading the client.keys but is only reading in the first key
listed. Every install is pulling only the first key. If I manually add
the key it works fine. When creating the
Yes these are Windows Agents. Yes there are multiple keys in the
client.keys file. What utilities are you talking about. I am not the one
creating the key file, I am the Landesk admin pushing it out to the 3500
systems. I have created a batch file that installs it and it does work if
you look a
Yes the Key have been made. There is a new twist to this now. The install
is reading the client.keys but is only reading in the first key listed.
Every install is pulling only the first key. If I manually add the key it
works fine. When creating the key I see that the name is optional but is it
On 13.09.2013 14:09, Chris Lauritzen wrote:
When installing the agent it is my understanding that the install
will
look at the client.keys file and read in the proper key. This is not
happening. I have to push this out to 3500 PC in the next couple of
weeks, I am using LANDesk as the controler.
When installing the agent it is my understanding that the install will look
at the client.keys file and read in the proper key. This is not happening.
I have to push this out to 3500 PC in the next couple of weeks, I am using
LANDesk as the controler. Why is it not reading in the key? Also how d
On Fri, Sep 13, 2013 at 3:09 PM, Chris Lauritzen wrote:
> When installing the agent it is my understanding that the install will look
> at the client.keys file and read in the proper key. This is not happening. I
> have to push this out to 3500 PC in the next couple of weeks, I am using
> LANDesk
I just changed it to root:ossec and it worked :) Thanks!
On Wed, Aug 22, 2012 at 9:41 AM, Daniel Cid wrote:
> Yes, the ossecr user (or ossec group) needs permission to read it.
>
> thanks,
>
> On Wed, Aug 22, 2012 at 1:00 PM, OSSEC junkie
> wrote:
> > I am getting permission errors on client.ke
Yes, the ossecr user (or ossec group) needs permission to read it.
thanks,
On Wed, Aug 22, 2012 at 1:00 PM, OSSEC junkie wrote:
> I am getting permission errors on client.keys:
> 2012/08/22 08:44:38 ossec-remoted(4111): INFO: Maximum number of
> agents allowed: '3500'.
> 2012/08/22 08:44:38 osse
I am getting permission errors on client.keys:
2012/08/22 08:44:38 ossec-remoted(4111): INFO: Maximum number of
agents allowed: '3500'.
2012/08/22 08:44:38 ossec-remoted(1410): INFO: Reading authentication keys file.
2012/08/22 08:44:38 ossec-remoted(1103): ERROR: Unable to open file
'/etc/client.k
51 matches
Mail list logo