I thought about going that root, Alberto, but then I realized I need to
build the package in local mode. I can write a bit about it if the
community is interested.
I just opted to build the OSSEC package from source using a bash script
piped into my fleet via AWS systems manager (for AWS
root = route :)
On 7/27/20 10:13 PM, marcos wrote:
I thought about going that root, Alberto, but then I realized I need
to build the package in local mode. I can write a bit about it if the
community is interested.
I just opted to build the OSSEC package from source using a bash
script
this file.
Thanks Regards,
Marcos
:bd37d291ce34e363af853958a31f241c74bd85d4
!1330029335 /opt/syslog-ng/conf/syslog-ng.conf
Regards,
Marcos
Hi Dan,
Thanks and please share the meaning of those fields with me, when you have a
chance to see the source code.
Also thanks for your suggestion and I am going to remove the line having #
and keep the last one.
Thanks Regards,
Marcos Regards,
Marcos
use the command cp -p test1.bak test1 which copy back the file
to the original location without changing the modified time, will OSSEC able to
detect it on the next scan?
Thanks Regards,
Marcos
===
Background Information
===
(1) Inside the agent.conf file, I set
Hi Dan,
Thanks.
Regards,
Marcos
On Tue, Jul 10, 2012 at 10:12 PM, dan (ddp) ddp...@gmail.com wrote:
On Sat, Jun 30, 2012 at 2:02 PM, Marcos Tang marcostang2...@yahoo.com
wrote:
Hi,
I have 2 questions about OSSEC and I want to know your answer.
Today, the syscheck_control -i 125 -f
hits the same problem and how do you solve it?
My OSSEC server is installed on a Sun Solaris 8 machine.
Best regards,
Marcos
hours? Or it will not be updated until some changes are detected?
Remarks: The output of syscheck_control -l shows that OSSEC agent is ACTIVE
all the time. So I think the communication between them should be ok.
Regards,
Marcos
root other 512 Jun 28 2011 ..
drwxrwx--- 2 root other 512 Jun 28 2011 .
root@myagent%
My questions:
Why there is no integrity change detected but OSSEC servers report the file is
changed?
Regards,
Marcos
Yes, OSSEC-HIDS does not support gmail cause TLS plus email authentication.A
solution I use is install email-relay and configure it to send using gmail.
Works like a charm! :)
Marcos Neves
+55 44 3263-8132
+55 44 9918-8488
On Thu, Feb 5, 2009 at 3:00 PM, cnk lists.canuck...@gmail.com wrote
Read the FAQ, i think it will help you..
http://www.ossec.net/wiki/index.php/Errors:AgentCommunication
--
Marcos Aurelio Rodrigues (DEiGrAtiA-33)
[EMAIL PROTECTED]
CCNA, MCSO
Mirabilia laudo semprer, Dei
On Feb
I have an OSSEC client and server.
Both of them have connectivity, and the agent is sending alerts to the
server when, for example, and FTP attack is detected.
While performing several tests (sniffing traffic), I've seen that the agent
sends alerts to the server when a web attack is detected,
13 matches
Mail list logo