[ossec-list] Re: ossec server reporting itself as 0.0.0.0 and more

[Leonardo Goldim]

i've installed the last ossec-ui (i did the download 30 minutes ago) and the problem with signatures continue ... ID <Signature> <Timestamp> <Source Address> <Dest. Address> <Layer 4 Proto> #0-(1-1) 1 2006-07-31 10:41:33 0.0.0.0 10.0.0.9 IP what i forgot to do ? -- ________________________________________ Leonardo Goldim - Auditoria Intranetworks [EMAIL PROTECTED] Intranetworks Rua Marquês do Pombal 1710/805 Porto Alegre - RS - 90540-000 +55 51 3325-5700 +55 51 8415-8604 Meir Michanie wrote: download ossec-ui On 9/17/06, Meir Michanie <[EMAIL PROTECTED]> wrote: try my last build http://www.riunx.com/portal/modules.php?module=tips&mode=article&artid=5 On 9/15/06, |SaMaN| <[EMAIL PROTECTED]> wrote: It is latest snapshot of ossec2mysql and running with resolve. My config is below. So where is the problem?   [EMAIL PROTECTED] rules]# cat /etc/ossec2base.conf # PARAMS USED BY  OSSEC2BASED dbhost=localhost database=snort debug=5 dbport=3306 dbpasswd= dbuser=root fieldseparator=; daemonize=1 sensor=ossec interface=daemon resolve=1       From: ossec-list@googlegroups.com [mailto: ossec-list@googlegroups.com] On Behalf Of Meir Michanie Sent: Friday, September 15, 2006 2:08 PM To: ossec-list@googlegroups.com Subject: [ossec-list] Re: ossec server reporting itself as 0.0.0.0 and more   use ossec2mysql with resolve (without -n and check your config) On 9/15/06, [EMAIL PROTECTED] < [EMAIL PROTECTED]> wrote: Installed latest snapshot still 0.0.0.0 ** Alert 1158312137.299900:      mail 2006 Sep 15 12:22:17 localhost -> (X1) 195.X.X.X->\WINNT/System32/LogFiles/W3SVC2/ex060915.log Rule: 11 (level 8) -> 'Excessive number of connections during this hour. Src IP: (0.0.0.0) User: (none) The average number of logs between 12:00 and 13:00 is 8485. We reached 10184.'No Log Available (HOURLY_STATS)