you are drop ?
check ipables -vnL
and flush if needed
and whitelist your needed ip in ossec.conf (dns, gateway, etc...)
you can check activeresponse log
Le 2016-09-05 17:56, C. L. Martinez a écrit :
On Mon 5.Sep'16 at 8:59:41 +0200, secucatc...@free.fr wrote:
hi
003,004 doesn't work
but e
On Mon 5.Sep'16 at 8:59:41 +0200, secucatc...@free.fr wrote:
> hi
> 003,004 doesn't work
> but each section separetely is working
>
>
> firewall-drop
> defined-agent
> 067
> 864000
> 117154,31510,117159,117162
>
>
>
> firewall-drop
> defined-agent
> 038
>
hi
003,004 doesn't work
but each section separetely is working
firewall-drop
defined-agent
067
864000
117154,31510,117159,117162
firewall-drop
defined-agent
038
864000
117154,31510,117159,117162
be carefull with that case
https://github.com/ossec/oss
On Fri, Sep 2, 2016 at 7:54 AM, C. L. Martinez wrote:
> On Fri 2.Sep'16 at 7:37:24 -0400, dan (ddp) wrote:
>> On Fri, Sep 2, 2016 at 7:07 AM, C. L. Martinez wrote:
>> > Hi all,
>> >
>> > Is it posible to assign multiple agent_id for one active reponse only?
>> > Example:
>> >
>> >
>> > f
On Fri 2.Sep'16 at 7:37:24 -0400, dan (ddp) wrote:
> On Fri, Sep 2, 2016 at 7:07 AM, C. L. Martinez wrote:
> > Hi all,
> >
> > Is it posible to assign multiple agent_id for one active reponse only?
> > Example:
> >
> >
> > firewall-drop
> > defined-agent
> > 003,004
> > 7
> >
On Fri, Sep 2, 2016 at 7:07 AM, C. L. Martinez wrote:
> Hi all,
>
> Is it posible to assign multiple agent_id for one active reponse only?
> Example:
>
>
> firewall-drop
> defined-agent
> 003,004
> 7
> 86400
> 2880,4320,5760
>
>
> Thanks.
>
Have you tried it? I can't
Hi all,
Is it posible to assign multiple agent_id for one active reponse only? Example:
firewall-drop
defined-agent
003,004
7
86400
2880,4320,5760
Thanks.
--
Greetings,
C. L. Martinez
--
---
You received this message because you are subscribed to the Google Gro
