2012/3/12 Roa jose...@gmail.com:
http://pastebin.com/gyqK52QQ
The ossec server running in Ubuntu .
*** Making os_dbd ***
make[1]: Entering directory `/home/desarrollo/ossec-hids-2.6/src/
os_dbd'
Compiling DB support with:
gcc -g -Wall -I../ -I../headers -DDEFAULTDIR=\/var/ossec\ -
Hello everyone,
I'm receiving a lot of alerts on one of my servers where the ossec
agent is running that someone was attempting to get in.
That would not be surprising, if there was a different ip in each
email - but there is not.
1. I did some troubleshooting by trying to ban an ip permanently
On 03/12/2012 10:49 AM, Dimitri Yioulos wrote:
Anyone have any ideas on this?
All,
Back at the end of last year, I asked about using the repeated-offenders
feature
in OH. I added the following directives to ossec.conf on the host that I
want
this to work in:
command
On Monday 12 March 2012 12:24:47 pm Steven Stern wrote:
On 03/12/2012 10:49 AM, Dimitri Yioulos wrote:
Anyone have any ideas on this?
All,
Back at the end of last year, I asked about using the repeated-offenders
feature
in OH. I added the following directives to ossec.conf on the
Hi All,
When using the syslog output, is it possible to send the output to two
different syslog servers?
This is what I have in our server's ossec.conf --
syslog_output
server192.168.246.96/server
port514/port
/syslog_output
!-- Splunk --
syslog_output
On 03/12/2012 11:53 AM, Dimitri Yioulos wrote:
On Monday 12 March 2012 12:24:47 pm Steven Stern wrote:
On 03/12/2012 10:49 AM, Dimitri Yioulos wrote:
Anyone have any ideas on this?
All,
Back at the end of last year, I asked about using the repeated-offenders
feature
in OH. I added the