Thank you for your reply, I´ll be working on that and share it when done.
Kind Regards
2015-03-11 2:10 GMT+01:00 Brent Morris brent.mor...@gmail.com:
You might need to flesh out the rules for asterisk. I didn't see anything
based on INVITE in the asterisk section of the decodes or the
...@gmail.com wrote:
On Feb 10, 2015 7:57 AM, Daniel Calvo Castro
daniel.ca...@kernelsecurity.es wrote:
Hi again
These brackets are for emphasis, sorry for not to clarify this, but it
clearly looks like it is a regexp issue, I´m going to deal with it now
and I´ll post if I´m able to solve
Hi list,
When you attack PBX by enumerating users, you can do it via INVITE,
REGISTER and OPTIONS.
ossec is only able to detect REGISTER requests, but nothing happens
when successfully try to enumerate vía INVITE ( tried myself )
I´m doing something wrong or ossec has to be tweaked?
Kind
on github as suggested? I´ll do that in such case
Kind Regards
2015-02-10 13:31 GMT+01:00 dan (ddp) ddp...@gmail.com:
On Mon, Feb 9, 2015 at 4:23 PM, Daniel Calvo Castro
daniel.ca...@kernelsecurity.es wrote:
Just today I´ve been experiencing same issues trying to get OSSIM + OSSEC
working
Just today I´ve been experiencing same issues trying to get OSSIM + OSSEC
working with an asterisk box, I´ve followed this link [1], and trying to
enumerate users I´m able to correlate and fire mails correctly with OSSIM,
but UI always show $SRCIP 0.0.0.0 so seems useless to configure
post-actions