I have ossec server(CentOS) and ossec agent(win7).
-On server-
ossec.conf:
command
nameeject_usb/name
executableevent.cmd/executable
expectsrcip/expect
timeout_allowedyes/timeout_allowed
/command
active-response
commandeject_usb/command
locationlocal/location
Yes, dan
How can I eject USB every time?
Vào 22:00:08 UTC+7 Thứ Hai, ngày 11 tháng 5 năm 2015, dan (ddpbsd) đã viết:
On Sun, May 10, 2015 at 11:27 AM, Bùi Viết Hướng
viethuon...@gmail.com javascript: wrote:
I have script file eject USB is eject.cmd had content:
$a =Get-WmiObject
I have script file eject USB is eject.cmd had content:
$a =Get-WmiObject win32_logicaldisk -filter 'DriveType=2' |
ForEach-Object{$kt = $_.DeviceID
$Eject = New-Object -comObject Shell.Application
$Eject.Namespace(17).ParseName($kt).InvokeVerb(Eject)
}
Where can I put this file(in
Yeah, this is my essay. I'll eject USB when user plug in it into my agent.
Vào 18:15:41 UTC+7 Thứ Tư, ngày 06 tháng 5 năm 2015, CraigL đã viết:
What would you like your agent to do when a user ejects a USB device?
On Wednesday, 6 May 2015 11:06:31 UTC+1, Bùi Viết Hướng wrote:
I need active
a USB device?
On Wednesday, 6 May 2015 11:06:31 UTC+1, Bùi Viết Hướng wrote:
I need active respond file.sh . Anyone can give me?
\
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails
I need active respond file.sh . Anyone can give me?
\
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more
Please help me!!!
I have two account mail is b...@viethuong.com and st...@viethuong.com.
I want oss...@viethuong.com send to b...@viethuong.com alert email(has
level 1-6) and send to st...@viethuong.com.(has level 6). What must I do?
--
---
You received this message because you are
Ohm! Maybe that's impossible. Thanks very much
Vào 22:18:36 UTC+7 Thứ ba, ngày 09 tháng mười hai năm 2014, Bùi Viết Hướng
đã viết:
Hey everyone,
I have been installed postfix mail server on ossec server. How I can alert
to second email account? How I config in /var/ossec/etc/ossec.conf
I have been config 2 email, but I want them alert at different level.
Vào 22:18:36 UTC+7 Thứ ba, ngày 09 tháng mười hai năm 2014, Bùi Viết Hướng
đã viết:
Hey everyone,
I have been installed postfix mail server on ossec server. How I can alert
to second email account? How I config in /var
Thanks dan for keyword Granular, I searched one
tut
http://docs.ospatrol.com/en/latest/manual/output/granular-email-output.html.
It's great.
Vào 22:18:36 UTC+7 Thứ ba, ngày 09 tháng mười hai năm 2014, Bùi Viết Hướng
đã viết:
Hey everyone,
I have been installed postfix mail server on ossec
Dan, can you help me another problem? I have 2 email(u...@viethuong.com and
u...@viethuong.com), I want u...@viethuong.com receive email has level 1-5 and
u...@viethuong.com receive email has level 10-15. What will I do?
Vào 22:18:36 UTC+7 Thứ ba, ngày 09 tháng mười hai năm 2014, Bùi Viết Hướng
Hey everyone,
I have been installed postfix mail server on ossec server. How I can alert
to second email account? How I config in /var/ossec/etc/ossec.conf another
mail account to receive alert
Thanks
--
---
You received this message because you are subscribed to the Google Groups
I can't create rules with parameters such as user name, IP source, program
name(ssh, ...).., and then can change the parameters and create a new
rule. Could anyone tell me the way?
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To
Could you give me an example? Both decode and rule.
Vào 23:11:35 UTC+7 Thứ hai, ngày 22 tháng chín năm 2014, dan (ddpbsd) đã
viết:
On Mon, Sep 22, 2014 at 6:53 AM, Bùi Viết Hướng
viethuon...@gmail.com javascript: wrote:
I can't create rules with parameters such as user name, IP source
14 matches
Mail list logo