[ossec-list] Re: OSSEC v2.8.3 Windows Agent Not Sending Application or System Alerts

2017-01-24 Thread MSF004
I figured this out on my own and thought I would post a response in the event someone else is confused as I was. My Application and System Log data was being sent to the OSSEC server; however, the server was configured as such that the events I was seeing within the Window's Event Viewer were

Re: [ossec-list] Re: OSSEC: monitoring Windows clients in DMZ

2015-11-17 Thread dan (ddp)
On Nov 17, 2015 9:58 AM, "Mega Chip" wrote: > > Same problem here. Any solution in the last 6 years? > Not that i am aware of. You can submit an issue or code for this at https://github.com/ossec/ossec-hids Possible hack-ish solutions: Stunnel Ssh tunnel Log to

[ossec-list] Re: OSSEC: monitoring Windows clients in DMZ

2015-11-17 Thread Mega Chip
Same problem here. Any solution in the last 6 years? Am Donnerstag, 23. April 2009 11:20:55 UTC+2 schrieb ver...@neuestadt.ch: > > > Hello > > we intend to to install OSSEC server in secure subnet and/but some Windows > clients in the DMZ should be monitored. > Our security policy is, that no

[ossec-list] Re: OSSEC: monitoring Windows clients in DMZ

2009-04-23 Thread OSSEC List
On Thu, 23 Apr 2009 11:20:55 +0200, ver...@neuestadt.ch wrote: Hello we intend to to install OSSEC server in secure subnet and/but some Windows clients in the DMZ should be monitored. Our security policy is, that no host in the DMZ can establish a connection to the secure subnet behind

[ossec-list] Re: OSSEC 1.6 Windows client memory usage

2008-10-02 Thread shadejinx
I noticed this. There appears to be a memory leak with event log monitoring. I commented that portion out of the config and haven't had any memory problems. To get the event logs off, I installed SNARE and had it forward them to OSSEC. (or rather, to a syslog-ng separated file that the OSSEC

[ossec-list] Re: OSSEC 1.6 Windows client memory usage

2008-10-02 Thread Daniel Cid
Yes, it is fixed already on the following snapshot: http://www.ossec.net/files/snapshots/ossec-win32-080912.exe We will soon release version 1.6.1 with those fixes. Thanks, -- Daniel B. Cid dcid ( at ) ossec.net On Tue, Sep 30, 2008 at 6:10 PM, [EMAIL PROTECTED] wrote: I noticed this.

[ossec-list] Re: Ossec and Windows 2008 ?

2008-04-22 Thread Daniel Cid
Hi, I never tried ossec on Windows 2008 (or Vista), so I guess we don't support it in there yet. I will have to get a hold on these versions to add support for them... Thanks, -- Daniel B. Cid dcid ( at ) ossec.net On Mon, Apr 21, 2008 at 5:57 AM, Per Salomonsson [EMAIL PROTECTED] wrote:

[ossec-list] Re: Ossec with Windows firewall?

2008-02-09 Thread Michael Starks
[EMAIL PROTECTED] wrote: Has anyone implemented Ossec with windows firewall? Ossec on *Nix kicks A** but how about windows? I have OSSEC running on Windows servers that also have Windows Host Firewalls running. OSSEC reads the logs and reports on multiple dropped packets. I have a feeling

[ossec-list] Re: Ossec with Windows firewall?

2008-02-08 Thread deltamails
: Friday, February 08, 2008 5:08 PM Subject: [ossec-list] Re: Ossec with Windows firewall? I have it running on some Windows 2003 server (agent), but I have problems when it goes to read my security log file, it just hangs for some reason. I think Daniel may be releasing a patch

[ossec-list] Re: Ossec on windows

2007-10-24 Thread McClinton, Rick
Yes, It is due to a resource pool leak in those versions. Upgrade to 1.3. From: ossec-list@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Marco Supino Sent: Wednesday, October 24, 2007 10:47 AM To: ossec-list@googlegroups.com Subject:

[ossec-list] Re: Ossec on windows

2007-10-24 Thread Michael Starks
Marco Supino wrote: Hi, I am having a problem with Ossec running on windows, versions 1.1 and 1.2, the machine stops working after a few weeks, Hello Marco, I have these versions of OSSEC running on several Windows machines and don't have these problems. Are you sure you don't have

[ossec-list] Re: Ossec on windows

2007-10-24 Thread Marco Supino
Where can I find this info ? I couldn't find anything in the changelog Marco. From: ossec-list@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of McClinton, Rick Sent: Wednesday, October 24, 2007 17:05 To: ossec-list@googlegroups.com Subject: [ossec-list] Re: Ossec on windows

[ossec-list] Re: Ossec on windows

2007-10-24 Thread Daniel Cid
@googlegroups.com Subject: [ossec-list] Re: Ossec on windows Yes, It is due to a resource pool leak in those versions. Upgrade to 1.3. From: ossec-list@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Marco Supino Sent: Wednesday

[ossec-list] Re: Ossec on windows server and brute force

2007-06-19 Thread McClinton, Rick
No, it only detects and sends notifications, no active-response. -Original Message- From: ossec-list@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, June 20, 2007 3:30 AM To: ossec-list@googlegroups.com Subject: [ossec-list] Ossec on